Menu
I'm trying to create a simple ASP.NET-Core 2.1 Web App that runs in Docker and forces HTTPS.
If I don't force HTTPS, the web app runs fine in the Docker instance. If I force HTTPS, or manually try to hit the HTTPS port, I get an "unable to connect" error or something nasty, like it.
So from my understanding, I need to somehow copy the trusted self-signed dev certification from my localhost development machine over to the Docker instance.
Luckily, there are some good docs that help explain/talk about this:
But everytime I try and start the first main step -> creating a cert, I get the following errors:
C:\Users\justi>dotnet dev-certs https --clean
Cleaning HTTPS development certificates from the machine. A prompt might get displayed to confirm the removal of some of the certificates.
C:\Users\justi>dotnet dev-certs https -ep %USERPROFILE%\.aspnet\https\hornet.apigateway.website.public.pfx -p secretpassword
A valid HTTPS certificate is already present.
But as you can see, I just tried to clean my cert store (which I did get asked to confirm the deleting of the cert) and then try to create a new one.
The above command was based on the examples in the links, above.
I feel like the error message is incorrect and the real error message isn't being displayed?
Just in case I've messed up my Docker file stuff, here's my 2x docker-compose files:
docker-compose.yml
apigateway.website.public:
image: hornet/apigateway.website.public
build:
context: .
dockerfile: src/Api Gateways/ApiGateway.Website.Public/Dockerfile
#ports:
# - "5000:443"
depends_on:
- microservice1.api
- microservice2.api
docker-compose.override.yml
apigateway.website.public:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://localhost;http://localhost
- ASPNETCORE_HTTPS_PORT=5001
ports:
# NOTE: need to copy the dev cert over to the container
# REF: o) https://github.com/dotnet/dotnet-docker/blob/master/samples/aspnetapp/aspnetcore-docker-https-development.md
# o) https://github.com/dotnet/dotnet-docker/blob/master/samples/aspnetapp/aspnetcore-docker-https.md
# o) https://github.com/aspnet/Docs/issues/3310
# o) https://github.com/aspnet/Docs/issues/6199
- "5000:80"
- "5001:443"
volumes:
- ${APPDATA}/Microsoft/UserSecrets/:/root/.microsoft/usersecrets
- ${APPDATA}/ASP.NET/Https:/root/.aspnet/https/
285
I recently got this to work for my project. I cribbed a lot of it from the Visual Studio Docker Compose files that were generated.
There are several differences that I see in your compose syntax that might be contributing to your issue.
First, your environment variables - I'm not sure what version of compose you're using. I was using 3.7 and I was able to define the variables this way:
ASPNETCORE_ENVIRONMENT: "Development"
ASPNETCORE_URLS: "https://+:443;http://+:80"
ASPNETCORE_HTTPS_PORT: "44371"
Notice that the main difference here is that I'm declaring my aspnetcore urls using a wild card character for the domain and declaring the port number directly after that https://+:443;http://+:80 as the internal port numbers
I was able to access the application exactly how I expected by https://localhost:44371.
I do still define ports in my compose file too, but I think the main thing here is that you need to tell aspnet core what the ports are via your ASPNETCORE_URLS environment variable. The ports declared in your compose file are informing your docker container, not your application.
So a compose file that may work for you would be the following:
apigateway.website.public:
environment:
ASPNETCORE_ENVIRONMENT: "Development"
ASPNETCORE_URLS: "https://+:443;http://+:80"
ASPNETCORE_HTTPS_PORT: "5001"
volumes:
- ${APPDATA}/Microsoft/UserSecrets/:/root/.microsoft/usersecrets:ro
- ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro
ports:
- "5000:80"
- "5001:443"
I also added the :ro (read only) indicator on your volumes as that seems to be a best practice.
53
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
