Tags: c#, docker, visual-studio, docker-compose, linux-containers

Why is the default certificate store directory missing when I debug my .NET Core app in Visual Studio?


I have a project that I want to debug. I have a use case where I must access a couple of different certs from the CurrentUser.My trust store. I know that Linux maps the cert store differently than Windows and each distro maps it differently. I also know that the CurrentUser.My store location is supported in Linux.

When I execute docker-compose up -d my container's root folder looks as follows:

root folder contains dotnet directory as expected

("/root/.dotnet/corefx/cryptography/x509stores/my" directory is present in container)

When I run the container using Visual Studio's debugger for docker-compose my containers root folder looks as follows:

Container Root Folder when container is created when debugging in Visual Studio

("/root/.dotnet/corefx/cryptography/x509stores/my" directory is missing in container)

I want to learn why the .dotnet folder is not created within the root directory of my app container when I try to debug in Visual Studio. I've looked over the docker-compose.vs.debug.yml file and I just do not understand what is being overridden that is causing the root folder of the container to be different. I'm still relatively new to docker & docker-compose and I would greatly appreciate any guidance or constructive feedback on how to overcome this issue.

Here are my compose files for reference.

Dockerfile


FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
RUN apt-get update && apt-get install -y libgdiplus && apt-get install -y nano && apt-get -y install tzdata
COPY ["localcontainercert.pfx", "/etc/ssl/certs/localcontainercert.pfx"]
COPY ["PublicCert.pfx", "/etc/ssl/certs/PublicCert.pfx"]
COPY ["localcontainercert.crt", "/usr/local/share/ca-certificates/localcontainercert.crt"]
RUN chmod 644 /usr/local/share/ca-certificates/localcontainercert.crt 
RUN update-ca-certificates

EXPOSE 44360
EXPOSE 44390

FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /certtool
# Install certificate tool
RUN dotnet tool install --tool-path ./ dotnet-certificate-tool

WORKDIR /src
COPY ["NuGet.Config", "."]
COPY ["src/SampleApp.Web/SampleApp.Web.csproj", "src/SampleApp.Web/"]
COPY ["src/SampleApp.EntityFrameworkCore.DbMigrations/SampleApp.EntityFrameworkCore.DbMigrations.csproj", "src/SampleApp.EntityFrameworkCore.DbMigrations/"]
COPY ["src/SampleApp.EntityFrameworkCore/SampleApp.EntityFrameworkCore.csproj", "src/SampleApp.EntityFrameworkCore/"]
COPY ["src/SampleApp.Domain/SampleApp.Domain.csproj", "src/SampleApp.Domain/"]
COPY ["src/SampleApp.Domain.Shared/SampleApp.Domain.Shared.csproj", "src/SampleApp.Domain.Shared/"]
COPY ["src/SampleApp.HttpApi/SampleApp.HttpApi.csproj", "src/SampleApp.HttpApi/"]
COPY ["src/SampleApp.Application.Contracts/SampleApp.Application.Contracts.csproj", "src/SampleApp.Application.Contracts/"]
COPY ["src/SampleApp.Application/SampleApp.Application.csproj", "src/SampleApp.Application/"]
RUN dotnet restore "src/SampleApp.Web/SampleApp.Web.csproj"
COPY . .
WORKDIR "/src/src/SampleApp.Web"
RUN dotnet build "SampleApp.Web.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "SampleApp.Web.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app
#Copy published app to base
COPY --from=publish /app/publish .

# Install certificates & Required Libraries
COPY --from=build /certtool .
RUN ./certificate-tool add --file /etc/ssl/certs/localcontainercert.pfx --password 'password'
RUN ./certificate-tool add --file /etc/ssl/certs/PublicCert.pfx --password 'password'

WORKDIR /app
ENTRYPOINT ["dotnet", "SampleApp.Web.dll"]

docker-compose.yml

version: '3.4'

services:
  redis:
    container_name: SampleApp.redis
    image: redis:latest
    ports: 
      - "6379:6379"
    volumes:
      - SampleApp.redis.vol:/redis_cache
    networks:
      - SampleApp.network

  SampleApp.web:
    container_name: SampleApp.web    
    environment:      
      - ASPNETCORE_ENVIRONMENT=Development
      - ASPNETCORE_URLS=https://*:44360;https://*:44390
      - ASPNETCORE_Kestrel__Certificates__Default__Path=/etc/ssl/certs/localcontainercert.pfx
      - ASPNETCORE_Kestrel__Certificates__Default__Password=BjCrNe1978$$!
      - ClientAssertationCertificateClientId=67894ab1-aba9-6a21-8437-3f460d7ccaae
      - ProdConnStringVaultLink=https://fake-keyvault-location.vault.azure.net/secrets/Prod-ConnectionString/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
      - ProdDefaultPassPhrase=https://fake-keyvault-location.vault.azure.net/secrets/Prod-DefaultPassPhrase/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
      - ProdDefaultSalt=https://fake-keyvault-location.vault.azure.net/secrets/Prod-DefaultSalt/cccccccccccccccccccccccccccccccccccccccccc
      - ProdInitVectorBytes=https://fake-keyvault-location.vault.azure.net/secrets/Prod-InitVectorBytes/dddddddddddddddddddddddddddddddddddd
      - StagingConnStringVaultLink=https://fake-keyvault-location.vault.azure.net/secrets/Staging-ConnectionString/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
      - StagingDefaultPassPhrase=https://fake-keyvault-location.vault.azure.net/secrets/Staging-DefaultPassPhrase/ffffffffffffffffffffffffffffffff
      - StagingDefaultSalt=https://fake-keyvault-location.vault.azure.net/secrets/Staging-DefaultSalt/gggggggggggggggggggggggggggggggggggggg
      - StagingInitVectorBytes=https://fake-keyvault-location.vault.azure.net/secrets/Staging-InitVectorBytes/hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh            
      - TwilioAccountSID=https://fake-keyvault-location.vault.azure.net/secrets/T-AccountSID/iiiiiiiiiiiiiiiiiiiiiiii
      - TwilioAuthToken=https://fake-keyvault-location.vault.azure.net/secrets/T-AuthToken/jjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj
      - x=https://fake-keyvault-location.vault.azure.net/secrets/T-FromNumber/kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
      - WEBSITE_LOAD_CERTIFICATES=55900A58F1DD58019271E3C57435E1420222B389
    ports:            
      - "44360:44360"      
      - "44390:44390"    
    volumes:
      - /c/users/UserName/.dotnet/https:/https:ro
      - /c/users/UserName/.abp/cli:/root/.abp/cli
      - /usr/local/bin/Docker/logs/SampleApp:/app/Logs
      - /usr/local/bin/Docker/temp-keys-web:/root/.aspnet/DataProtection-Keys
    build:
      context: .
      dockerfile: src/SampleApp.Web/Dockerfile
    networks:
      - SampleApp.network
  
  SampleApp.kiosk:
    container_name: SampleApp.kiosk
    environment:
      - ASPNETCORE_ENVIRONMENT=Development
      - ASPNETCORE_URLS=https://*:44361
      - ASPNETCORE_Kestrel__Certificates__Default__Path=/etc/ssl/certs/localcontainercert.pfx
      - ASPNETCORE_Kestrel__Certificates__Default__Password=password
    ports:       
      - "44361:44361"      
    build:
      context: .
      dockerfile: src/SampleApp.Kiosk/Dockerfile
    volumes:
      - /c/users/UserName/.abp/cli:/root/.abp/cli
      - /usr/local/bin/Docker/temp-keys-kiosk:/root/.aspnet/DataProtection-Keys
    networks:
      - SampleApp.network     
networks:
  SampleApp.network:
    driver: bridge

volumes:
  SampleApp.redis.vol:

docker-compose.vs.debug.yml


services:
  SampleApp.kiosk:
    build:
      target: base
      labels:
        com.microsoft.created-by: "visual-studio"
        com.microsoft.visual-studio.project-name: "SampleApp.Kiosk"
    environment:
      - DOTNET_USE_POLLING_FILE_WATCHER=1
      - ASPNETCORE_LOGGING__CONSOLE__DISABLECOLORS=true
      - NUGET_FALLBACK_PACKAGES=
    volumes:
      - D:\Workspace\SampleApp\aspnet-core\src\SampleApp.Kiosk:/app
      - D:\Workspace\SampleApp\aspnet-core:/src
      - C:\Users\UserName\vsdbg\vs2017u5:/remote_debugger:rw
      - C:\Users\UserName\.nuget\packages\:/root/.nuget/packages:ro
      #- ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro
      #- ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro

    entrypoint: tail -f /dev/null
    labels:
      com.microsoft.visualstudio.debuggee.program: "dotnet"
      com.microsoft.visualstudio.debuggee.arguments: " --additionalProbingPath /root/.nuget/packages  \"/app/bin/Debug/net6.0/SampleApp.Kiosk.dll\""
      com.microsoft.visualstudio.debuggee.workingdirectory: "/app"
      com.microsoft.visualstudio.debuggee.killprogram: "/bin/sh -c \"if PID=$$(pidof dotnet); then kill $$PID; fi\""
    tty: true
  SampleApp.web:
    #image: jarrad78SampleApp/SampleApp-web:dev
    build:
      target: base
      labels:
        com.microsoft.created-by: "visual-studio"
        com.microsoft.visual-studio.project-name: "SampleApp.Web"
    environment:
      - DOTNET_USE_POLLING_FILE_WATCHER=1
      - ASPNETCORE_LOGGING__CONSOLE__DISABLECOLORS=true
      - NUGET_FALLBACK_PACKAGES=
    volumes:
      - D:\Workspace\SampleApp\aspnet-core\src\SampleApp.Web:/app
      - D:\Workspace\SampleApp\aspnet-core:/src
      - C:\Users\UserName\vsdbg\vs2017u5:/remote_debugger:rw
      #- C:\Users\UserName\.nuget\packages\:/root/.nuget/packages:ro
      #- ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro
      #- ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro

    entrypoint: tail -f /dev/null
    labels:
      com.microsoft.visualstudio.debuggee.program: "dotnet"
      com.microsoft.visualstudio.debuggee.arguments: " --additionalProbingPath /root/.nuget/packages  \"/app/bin/Debug/net6.0/SampleApp.Web.dll\""
      com.microsoft.visualstudio.debuggee.workingdirectory: "/app"
      com.microsoft.visualstudio.debuggee.killprogram: "/bin/sh -c \"if PID=$$(pidof dotnet); then kill $$PID; fi\""
    tty: true

Solution

  • It wasn't very apparent to me what was occurring with my build, but I found that my docker-compose.dcproj.user file had a couple of extra entries that were forcing my debugging session to exclude the .dotnet directory. I removed the extra settings from the "" tag and my build began including the "/root/.dotnet/corefx/cryptography/x509stores/my" directory in the container. Restoring docker-compose.dcproj.user to its original state resolved my issue.
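
The debug override above sets `build.target: base`, while the Dockerfile runs `certificate-tool add` in the `final` stage. As an added example (not part of the original post), this Python script checks whether an instruction ends up in the image built for a given target stage; the Dockerfile text is a constructed, trimmed copy of the one on this page, and the function names are hypothetical.

```python
import re

# Constructed sample: the Dockerfile from this page, trimmed to its stage
# structure. Assumes one instruction per line (no backslash continuations).
DOCKERFILE = """\
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
RUN update-ca-certificates
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
RUN dotnet tool install --tool-path ./ dotnet-certificate-tool
FROM build AS publish
RUN dotnet publish "SampleApp.Web.csproj" -c Release -o /app/publish
FROM base AS final
COPY --from=publish /app/publish .
COPY --from=build /certtool .
RUN ./certificate-tool add --file /etc/ssl/certs/localcontainercert.pfx --password 'password'
"""
FROM_RE = re.compile(r"^FROM\s+(\S+)(?:\s+AS\s+(\S+))?", re.IGNORECASE)

def parse_stages(text):
    """Map stage name -> (parent named in FROM, [instructions in the stage])."""
    stages, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        match = FROM_RE.match(line)
        if match:
            # Unnamed stages are addressed by their index, as Docker does.
            current = (match.group(2) or str(len(stages))).lower()
            stages[current] = (match.group(1).lower(), [])
        elif current is not None and line and not line.startswith("#"):
            stages[current][1].append(line)
    return stages

def lineage(stages, target):
    """Target stage plus its FROM ancestors: the only stages whose RUN
    results are part of the image built with that target."""
    chain, name = [], target.lower()
    while name in stages and name not in chain:
        chain.append(name)
        name = stages[name][0]
    return chain

def lands_in_image(text, target, needle):
    """True if an instruction containing `needle` is in the target's lineage."""
    stages = parse_stages(text)
    return any(needle in line for stage in lineage(stages, target)
               for line in stages[stage][1])

if __name__ == "__main__":
    for target in ("base", "final"):  # debug override vs. default build
        print(target, lands_in_image(DOCKERFILE, target, "certificate-tool add"))
```

Files brought in with `COPY --from` are not followed here: they copy specific paths into the stage, but the source stage's other filesystem changes do not carry over.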