Search code examples
.netdockerubuntusslcertificate

How to start docker container with app that uses https

I have a web app in .Net Core 3.1 that runs in single solution with Angular app. My app is hosted on Ubuntu server on Docker. Everything was running without any problems, my app was accessible via URL from http but I wanted to make it secure and start using https. On local debugging it works good. When I start my app locally, I can access it on https://localhost:5001 and my web browser says that connection is secured (I guess it runs with some kind of self signed certificate). Here is the output from console on local debugging:

info: Microsoft.Hosting.Lifetime[0]
      Now listening on: https://localhost:5001
info: Microsoft.Hosting.Lifetime[0]
      Now listening on: http://localhost:5000
info: Microsoft.Hosting.Lifetime[0]
      Application started. Press Ctrl+C to shut down.
info: Microsoft.Hosting.Lifetime[0]
      Hosting environment: Development
info: Microsoft.Hosting.Lifetime[0]
      Content root path: D:\Repositories\myApp\Vs\Web

However, on server console I don't see the "https" part:

info: Microsoft.Hosting.Lifetime[0]
      Now listening on: http://[::]:80
info: Microsoft.Hosting.Lifetime[0]
      Application started. Press Ctrl+C to shut down.
info: Microsoft.Hosting.Lifetime[0]
      Hosting environment: Production
info: Microsoft.Hosting.Lifetime[0]
      Content root path: /app

I have added app.UseHttpsRedirection(); and 

services.AddHttpsRedirection(options =>
            {
                options.RedirectStatusCode = StatusCodes.Status307TemporaryRedirect;
                options.HttpsPort = 443;
            });

to my Startup.cs. I have also exposed ports 80 and 443 in Dockerfile. When I enter my app via URL it redirects me to https and I'm getting ERR_CONNECTION_REFUSED, because obviusly, https port is somehow not opened on Docker. I'm running my Docker container with -p 80:80 -p 443:443. I bought the certificate from my domain provider (I have a server on different platform) and I got 4 files from them: certificate, CSR, private key and CA.

Is my https not accessible on server because I don't "inject" certificate on setting up my Docker container? If yes, how to do it securly?

Solution

  • Maybe your 443 port is used by another application. You should try to expose some other port like 5001:443 and you should add enviroment varibles :

           -e ASPNETCORE_URLS="https://+;http://+" 
       -e ASPNETCORE_HTTPS_PORT=5001