No valid SSL certificate

[mrpmorris]

I thought I'd give this library a try, but when I try to run the WebApi sample it throws an exception saying there isn't a valid SSL certificate and then stops.

[kant2002]

I have to re-check what’s I have here. But my first guess is that Https is not supported in this mode.

Maybe I can help with rd.xml but because this is security people are touchy about changing things.

[mrpmorris]

I removed the https from the startup profiles but the same error still arises.

[kant2002]

Ha-ha, I apologize for having you hang for a long time. https://github.com/kant2002/NativeAOTDocker/tree/main?tab=readme-ov-file#web-api---2515-mb

I already have explanation how you should run with certificates. Basically you should create these certs and ship into container. Let me know how it goes.

[kant2002]

For HTTP only I miss -e ASPNETCORE_URLS="http://+" in the CLI command

[mrpmorris]

I didn't see that.

May I recommend having it run http only as default, and have the readme explain how to enable https?

[kant2002]

For SSL configuration take a look at https://learn.microsoft.com/en-us/dotnet/core/additional-tools/self-signed-certificates-guide#with-openssl nd create certs folder with certificates. Then you can run following command.

docker run --rm -it -p 8000:80 -p 8001:443 -e ASPNETCORE_URLS="https://+;http://+" -e ASPNETCORE_HTTPS_PORT=8001 -e ASPNETCORE_ENVIRONMENT=Development -e ASPNETCORE_KestrelCertificatesDefault__Path=/https/contoso.com.crt -e ASPNETCORE_KestrelCertificatesDefault__KeyPath=/https/contoso.com.key -v $PWD\certs/:/https/ nativeaot-scratch-webapi Web API accessible on http://localhost:8000/ and https://localhost:8001/.

[kant2002]

Obviously you can try and HTTP only. Just don’t forget set ASPNETCORE_URLS

[mrpmorris]

This is a good example of what I mean.

I don't like to make people go through any effort to run a demo.

It would be better to have it already http only, and then have the complex instructions for solving the next step instead of the first.

[kant2002]

I agree that samples should be easy. Honestly you are probably first or second person who reach out about this tech so I a bit disappointed with how people treat NativeAOT 😄

anyway, that’s good suggestion and I will do that.

[kant2002]

I think everything in place now on main branch

[mrpmorris]

I will have another look, thank you!