search

BorisWilhelms / create-dotnet-devcert

A simple script that creates and trusts a self-signed development certificate for dotnet on Linux distributions.
https://blog.wille-zone.de/post/aspnetcore-devcert-for-ubuntu
MIT License
333 stars 73 forks source link

Help required for running in Docker (Ubuntu) #6

Closed GOVINDBHAVAN closed 2 years ago

GOVINDBHAVAN commented 2 years ago

Hello, this script is working fine with "dotnet run" on Ubuntu + netcore 5 https, in both browser, postman. But when publishing the same application in docker, the application is not working on https.

I am new to docker, hence please suggest if I need to perform few changes to run application docker on

dotnet version: 5.0.302

Error: crit: Microsoft.AspNetCore.Server.Kestrel[0] Unable to start Kestrel. System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date. To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'. For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054. at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action1 configureOptions) at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable1 listenOptions, AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication1 application, CancellationToken cancellationToken) Unhandled exception. System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date. To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'. For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054. at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action1 configureOptions) at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable1 listenOptions, AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication1 application, CancellationToken cancellationToken) at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken) at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token) at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)

sarvasana commented 2 years ago

Are you using mcr.microsoft.com/dotnet/aspnet:5.0 as the base image? https://github.com/dotnet/dotnet-docker/blob/main/samples/host-aspnetcore-https.md

GOVINDBHAVAN commented 2 years ago

Hello thanks for the reply, yes I'm using "mcr.microsoft.com/dotnet/sdk:5.0".

I am able to run with https/SSL on docker+ubuntu by generating a new pfx file i.e. dotnet dev-certs https -ep ${HOME}/.aspnet/https/aspnetapp.pfx -p some_password_here and passing pfx password like:

docker run -p 8000:80 -p 8001:443 -d IMAGE_ID -e ASPNETCORE_URLS="https://+;http://+" -e ASPNETCORE_HTTPS_PORT=8001 -e ASPNETCORE_ENVIRONMENT=Development -e ASPNETCORE_KestrelCertificatesDevelopment__Password="crypticpassword" -v ${HOME}/.microsoft/usersecrets/:/root/.microsoft/usersecrets -v ${HOME}/.aspnet/https:/root/.aspnet/https/

but I don't know whether can I run aspnetcore app https on linux using docker without an additional PFX file, instead can it run it just by using the script "create-dotnet-devcert.sh"?

I have tried setting volumes as well while running docker like: docker run -p 8000:80 -p 8001:443 -d IMAGE_ID -v /etc/ssl/certs:/etc/ssl/certs -v /usr/local/share/ca-certificates:/usr/local/share/ca-certificates -e ASPNETCORE_URLS="https://+;http://+" -e ASPNETCORE_HTTPS_PORT=8001 -e ASPNETCORE_HTTP_PORT=8001

Please suggest.

sarvasana commented 2 years ago

Yes, I guess that would be possible.

For this you would have pick a Ubuntu or Debian based container. Then, build your own docker image from that where you copy the scripts from this repository to that image and execute them on there.

Look in the docker documentation for COPY and RUN. Bear in mind that you need root permissions to run the script.

I would not execute that configure_nssdb function from commos.sh on the docker.

But why would you not use what is already working? In both cases, you are using a developer certificate and these are not for production scenarios.

GOVINDBHAVAN commented 2 years ago

Thanks for the reply, yes I can use the pfx file to continue the development, was just curious to understand if it would be possible with the script.

I'm closing the thread. Thanks again.