Is there an existing issue for this?
Is your feature request related to a problem? Please describe the problem.
Imagine a few ASP.NET Core micro-services that are in a docker compose environment, these micro-services do not publish any ports but some of them are accessible from a gateway (YARP or nginx for example). All public traffics come to the gateway first (with HTTPS) and after that they will be forwarded to the correct micro-service with HTTP (unencrypted). These micro-services do not face the internet directly and in order for faster internal communications, they do not use TLS.
Now if a micro-service has only REST APIs or only gRPC APIs, it can be successfully configured. For example a micro-service that only serves gRPC APIs can be configured to listen on port 80 without TLS:
builder.WebHost.ConfigureKestrel(options =>
{
// Setup a HTTP/2 endpoint without TLS.
options.ListenAnyIP(80, o => o.Protocols = HttpProtocols.Http2);
});But when a micro-service has both REST and gRPC APIs, we have a problem, because there is no HTTP version negotiation for unencrypted gRPC traffic and the following configuration
builder.WebHost.ConfigureKestrel(options =>
{
options.ListenAnyIP(80, o => o.Protocols = HttpProtocols.Http1AndHttp2);
});does not work because connections to the unsecured endpoint default to HTTP/1.1, and gRPC calls fail.
The solution is to use another port for gRPC:
builder.WebHost.ConfigureKestrel(options =>
{
// For REST
options.ListenAnyIP(80, o => o.Protocols = HttpProtocols.Http1AndHttp2);
// For gRPC
options.ListenAnyIP(8080, o => o.Protocols = HttpProtocols.Http2);
});And then configure the clients to connect to that port.
This problem is mentioned in the Microsoft docs and there is also a related issue for it.
Describe the solution you'd like
It would be great if an ASP.NET Core server could serve unencrypted REST and gRPC APIs on the same port without any issue.
Additional context
No response
Is there an existing issue for this?
Is your feature request related to a problem? Please describe the problem.
Imagine a few ASP.NET Core micro-services that are in a docker compose environment, these micro-services do not publish any ports but some of them are accessible from a gateway (YARP or nginx for example). All public traffics come to the gateway first (with HTTPS) and after that they will be forwarded to the correct micro-service with HTTP (unencrypted). These micro-services do not face the internet directly and in order for faster internal communications, they do not use TLS.
Now if a micro-service has only REST APIs or only gRPC APIs, it can be successfully configured. For example a micro-service that only serves gRPC APIs can be configured to listen on port 80 without TLS:
But when a micro-service has both REST and gRPC APIs, we have a problem, because there is no HTTP version negotiation for unencrypted gRPC traffic and the following configuration
does not work because connections to the unsecured endpoint default to HTTP/1.1, and gRPC calls fail.
The solution is to use another port for gRPC:
And then configure the clients to connect to that port.
This problem is mentioned in the Microsoft docs and there is also a related issue for it.
Describe the solution you'd like
It would be great if an ASP.NET Core server could serve unencrypted REST and gRPC APIs on the same port without any issue.
Additional context
No response