search

microsoft / iis-docker

Dockerfile for IIS
https://hub.docker.com/r/microsoft/iis/
MIT License
288 stars 128 forks source link

Unable to enable SSL binding of the website after applying KB5001384 #184

Closed JohnTrivedi closed 5 months ago

JohnTrivedi commented 3 years ago

Describe the Bug

I am running Windows Server 2019 build # 10.0.17763.1879 and my web server is running under windows containers using mcr.microsoft.com/dotnet/framework/runtime:4.8-windowsservercore-ltsc2019 base image. It was working fine before applying latest Cumulative patch KB5001384 and after the patch containers fails to create SSL bindings for the website. After uninstalling the above patch the website is working fine again.

Steps to Reproduce

Create a docker image to run ASP.NET website using mcr.microsoft.com/dotnet/framework/runtime:4.8-windowsservercore-ltsc2019 as base image. Enable following features Web-Server,NET-Framework-45-ASPNET,Web-Asp-Net45,Web-AppInit,Web-ASP,Web-Dyn-Compression, Web-WebSockets, Web-Http-Tracing, Web-Mgmt-Service.

Create a website and enable SSL binding using following powershell commands. $hostHeader = "test.domain.com" New-WebBinding -Name "TestSite" -Protocol "https" -Port 443 -HostHeader $hostHeader -SslFlags 1 $certificate = Get-ChildItem Cert:\LocalMachine\My | Where-Object {$_.FriendlyName -eq "*.domain.com"} New-Item -Path "IIS:\SslBindings!443!test.domain.com" -Value $certificate -SSLFlags 1

The last statement fails with the error. From the IIS management studio as well it fails to create bindings after the patch.

Other Information

Incorrect function error is shown in the interface

Output of docker version

Client: Version: 18.09.3 API version: 1.39 Go version: go1.10.8 Git commit: 142dfcedca Built: 02/28/2019 06:33:17 OS/Arch: windows/amd64 Experimental: false

Server: Engine: Version: 18.09.3 API version: 1.39 (minimum version 1.24) Go version: go1.10.8 Git commit: 142dfcedca Built: 02/28/2019 06:31:15 OS/Arch: windows/amd64 Experimental: false

Output of docker info

Containers: 4 Running: 4 Paused: 0 Stopped: 0 Images: 7 Server Version: 18.09.3 Storage Driver: windowsfilter Windows: Logging Driver: json-file Plugins: Volume: local Network: ics l2bridge l2tunnel nat null overlay transparent Log: awslogs etwlogs fluentd gelf json-file local logentries splunk syslog Swarm: inactive Default Isolation: process Kernel Version: 10.0 17763 (17763.1.amd64fre.rs5_release.180914-1434) Operating System: Windows Server 2019 Datacenter Version 1809 (OS Build 17763.1879) OSType: windows Architecture: x86_64 CPUs: 4 Total Memory: 32GiB Name: DockerTest ID: 2OJM:ZYID:RV5R:7R2B:DMY4:HBP2:UGY6:SHBK:7LIG:IIVR:XNMW:E2YZ Docker Root Dir: C:\ProgramData\docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false

MichaelSimons commented 3 years ago

@HongGit, can you take a look at this please?

JohnTrivedi commented 3 years ago

Just to clarify one thing that it is 2021-04 Preview update which is causing this issue build # 10.0.17763.1911. Unfortunately there is no easy way to block this update if not using Windows Update Server

xargon180 commented 3 years ago

Exactly the same problem here. Are there any workarounds beside uninstalling KB5001384?