Search code examples
docker.net-coredocker-composedockerfilex509certificate

How to install .pfx certificate in windows docker image

I have a .Net Core API which uses identityServer 4, I am trying to run the API into the Docker Compose (Windows Container) but unable to do because of that exception which is:

Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.

After spending hours on google I have found many links in which first to install certificate like

dotnet dev-certs https --clean
dotnet dev-certs https --trust

**Docker - certificate not trusted**

     1. Delete the C:\Users{USER}\AppData\Roaming\ASP.NET\Https folder.
     2. Clean the solution. Delete the bin and obj folders. 
     3. Restart the Development tool. Visual Studio Code- 2019

After doing all above stuff facing same error, am I doing some wrong thing.

Here is the dockerfile

FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-nanoserver-1809 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
user ContainerAdministrator

FROM mcr.microsoft.com/dotnet/core/sdk:3.1-nanoserver-1809 AS build
WORKDIR /src

COPY ../Certificate/idsrv3test.pfx .

COPY ["Tests-Identity/Tests-Identity.csproj", "Tests-Identity/"]
RUN dotnet restore "Tests-Identity/Tests-Identity.csproj"
COPY . .
WORKDIR "/src/Tests-Identity"
RUN dotnet build "Tests-Identity.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "Tests-Identity.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Tests-Identity.dll"]

Here is the docker-compose.override.yml

version: '3.4'

services:
  tests-identity:
    environment:
       - ASPNETCORE_ENVIRONMENT=Development
       - ASPNETCORE_URLS=https://+:443;http://+:80

    ports:
      - "5000:80"
      - "5001:443"
    volumes:
      - ${APPDATA}/Microsoft/UserSecrets:C:\Users\ContainerUser\AppData\Roaming\Microsoft\UserSecrets:ro
      - ${APPDATA}/ASP.NET/Https:C:\Users\ContainerUser\AppData\Roaming\ASP.NET\Https:ro
Solution

  • Muneer As per my understanding the following command will only help you when you are running your application under IISEXPRESS this will absolutely not help you, but my understanding you are trying to run the API under 'Docker Compose' project 

    dotnet dev-certs https --clean
dotnet dev-certs https --trust

    So first you need to remove the admin container user in your docker file

    user ContainerAdministrator

    and also remove this line

    COPY ../Certificate/idsrv3test.pfx .

    After that add the following parameter in "X509Certificate2" which will be in your Certificate.cs file

    enter image description here

    Please try this link it will definitely helps you a lot https://github.com/dotnet/dotnet-docker/issues/863