Install the .NET Core agent for Azure App Service (manual)

To manually install the .NET Core agent using NuGet:

  1. Create an Azure account, if you don't have one already.

  2. Create a .NET Core web application, and deploy it to Azure App Service.

  3. Publish your application to Azure, and confirm that it works as expected without Contrast.

  4. Add the Contrast NuGet package to your application.

    Using dotnet command line:

    dotnet add package Contrast.SensorsNetCore

    Using Visual Studio:

    • Under the application project in the Solution Explorer, right-click on References and select Manage NuGet Packages.

    • Search for the Contrast.SensorsNetCore package, select it and add it to your project.

    • Build your application. Confirm that a contrast folder appears in your project. When the application is published, this folder also appears in the build output directory.

  5. In the Application Settings section of the Configuration blade for your web application in the Azure Portal, add the following settings.

    Windows:

    CORECLR_ENABLE_PROFILING: 1
CORECLR_PROFILER: {8B2CE134-0948-48CA-A4B2-80DDAD9F5791}
CORECLR_PROFILER_PATH_32: <application directory>\contrast\runtimes\win-x86\native\ContrastProfiler.dll
CORECLR_PROFILER_PATH_64: <application directory>\contrast\runtimes\win-x64\native\ContrastProfiler.dll

    Linux:

    CORECLR_ENABLE_PROFILING: 1
CORECLR_PROFILER: {8B2CE134-0948-48CA-A4B2-80DDAD9F5791}
CORECLR_PROFILER_PATH: <application directory>/contrast/runtimes/linux-x64/native/ContrastProfiler.so

  6. Using the .NET Core contrast_security.yaml config file, add .NET Core agent configurations.

    CONTRAST_CONFIG_PATH: [Path to yaml config file]

    At minimum, the following environment variables are required:

    CONTRAST__API__URL: [IF USING ANOTHER SERVER THAN THE DEFAULT: https://app.contrastsecurity.com]
CONTRAST__API__USER_NAME: [REPLACE WITH YOUR AGENT USERNAME]
CONTRAST__API__SERVICE_KEY: [REPLACE WITH YOUR AGENT SERVICE KEY]
CONTRAST__API__API_KEY: [REPLACE WITH YOUR AGENT API KEY]

  7. Publish your application to Azure App Service once more (after you've installed the Contrast NuGet package and updated the Application Settings in Azure Portal).

  8. Once the application has loaded, use the application and then verify that the server and application are active in Contrast, and that any expected vulnerabilities appear.

Important

When redeploying a web application that has Contrast agent running, you may run into an error that says "Files in use" on ContrastProfiler-64.dll or ContrastProfiler-32.dll. This happens because the agent DLL files are locked by .NET, and can't be overwritten while the application is still running.

The DLL files must be unloaded before publishing. To unload them, stop the site, publish and then start the site back up. Alternately, you can change the CORECLR_ENABLE_PROFILING setting to 0 in the portal, publish and then change the setting back to 1.

In this section: