Invalid error about secure connection


I have a strange error. I deployed my service to an url with https support (valid Let’s Encrypt ssl).
However, when I try to use my service with ApiKey I get the message:

Sending ApiKey over insecure connection forbidden when RequireSecureConnection=true

Even in Postman when I use the I still get this message.
Based on what do you return this error message? When I put it to false it of course works.

IsSecureConnection is determined in ASP.NET with:

public bool IsSecureConnection => 
    request.IsSecureConnection || XForwardedProtocol == "https";

i.e. if the ASP.NET Request thinks it’s a Secure Connection or a reverse proxy is adding the "X-Forwarded-Proto" HTTP Header to the request.

For .NET Core we were missing the XForwardedProtocol check which I’ve just added in this commit.

Okay thanks. The server is indeed behind a reverse proxy on Linux. When Will this patch be avalable on nuget?

It’s available on MyGet now, it should be released on NuGet early next week.