Menu
I currently have a docker-compose setup for ASP.NET Core. However when moving to test the cluster in Kubernetes I ran into SSL issues with Kestrel. Originally with Docker/Docker-compose you can set up local SSL with
dotnet dev-certs https -ep %USERPROFILE%\.aspnet\https\<app_name>.pfx -p <password>
Then
dotnet dev-certs https --trust
Finally
dotnet user-secrets set "Kestrel:Certificates:Development:Password" "<password>"
And in Docker-compose I setup the volumes to point to this cert
volumes:
- ${APPDATA}\microsoft\UserSecrets\:/root/.microsoft/usersecrets
- ${USERPROFILE}\.aspnet\https:/root/.aspnet/https/
I am curious how I can test locally https with kubernetes. I saw a git repo https://github.com/Lybecker/k8s-friendly-aspnetcore, however I did not figure out how to get the .pfx file from my local computer into the secret, I would think copy and paste is not the way to go.
I looked at this SO post Access .NET Core app on Kubernetes on both http and https
However it looks like they are using .Net 5 which uses .key and .crt. I am on .Net 3.1 which uses a .pfx file.
601
Posted on: 22-01-2017 6 Comments. This is a continuation to the previous article on Enforcing HTTPS. While redirecting all non-secure requests to secure URLs is good, a man-in-the-middle can still hijack the connection before the redirect.
Rather than deploying your .NET core container with https, you should deploy it with http and use nginx-ingress to provide https as described here: https://cert-manager.io/docs/tutorials/acme/nginx-ingress/
121
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
