Cert fix

src/Squidex/Configurations/Identity/IdentityServices.cs

@@ -32,7 +32,7 @@ namespace Squidex.Configurations.Identity
                 var certData = new byte[certStream.Length];
 
                 certStream.Read(certData, 0, certData.Length);
-                certificate = new X509Certificate2(certData, "password");
+                certificate = new X509Certificate2(certData, "password", X509KeyStorageFlags.MachineKeySet);
             }
 
             services.AddSingleton(

src/Squidex/Pipeline/SingleUrlsMiddleware.cs

@@ -0,0 +1,54 @@
+// ==========================================================================
+//  SingleUrlsMiddleware.cs
+//  Squidex Headless CMS
+// ==========================================================================
+//  Copyright (c) Squidex Group
+//  All rights reserved.
+// ==========================================================================
+
+using System;
+using System.Threading.Tasks;
+using Microsoft.AspNetCore.Http;
+using Microsoft.Extensions.Logging;
+
+namespace Squidex.Pipeline
+{
+    public sealed class SingleUrlsMiddleware
+    {
+        private readonly RequestDelegate next;
+        private readonly ILogger<SingleUrlsMiddleware> logger;
+
+        public SingleUrlsMiddleware(RequestDelegate next, ILoggerFactory factory)
+        {
+            this.next = next;
+
+            logger = factory.CreateLogger<SingleUrlsMiddleware>();
+        }
+
+        public async Task Invoke(HttpContext context)
+        {
+            var currentUrl = string.Concat(context.Request.Scheme, context.Request.Host, context.Request.Path);
+
+            var hostName = context.Request.Host.ToString().ToLowerInvariant();
+            if (hostName.StartsWith("www"))
+            {
+                hostName = hostName.Substring(3);
+            }
+
+            var requestPath = context.Request.Path.ToString();
+            if (requestPath.EndsWith("/") == false)
+            {
+                requestPath = requestPath + "/";
+            }
+
+            var newUrl = string.Concat("https://", hostName, requestPath);
+
+            if (!string.Equals(newUrl, currentUrl, StringComparison.OrdinalIgnoreCase))
+            {
+                logger.LogError("Invalid url: {0} instead {1}", currentUrl, newUrl);
+            }
+
+            await next(context);
+        }
+    }
+}

src/Squidex/Startup.cs

@@ -23,6 +23,7 @@ using Squidex.Configurations.Identity;
 using Squidex.Configurations.Web;
 using Squidex.Store.MongoDb;
 using System.Linq;
+using Squidex.Pipeline;
 
 // ReSharper disable ConvertClosureToMethodGroup
 // ReSharper disable AccessToModifiedClosure
@@ -92,6 +93,8 @@ namespace Squidex
             loggerFactory.AddConsole();
             loggerFactory.AddDebug();
 
+            app.UseMiddleware<SingleUrlsMiddleware>();
+
             if (Environment.IsDevelopment())
             {
                 app.UseDeveloperExceptionPage();

src/Squidex/web.config

@@ -4,6 +4,6 @@
     <handlers>
       <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
     </handlers>
-    <aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
+    <aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout" forwardWindowsAuthToken="false"/>
   </system.webServer>
 </configuration>