Search code examples
azuredocker.net-8.0azure-container-apps

Setting up HTTPS Ingress for .NET 8 Application in Azure Container Apps

I run ASP.NET Core in Docker container in Azure Container Apps

Here is the Dockerfile:

#Generate an SSL certificate 
FROM nginx:1.19.1-alpine AS certbuilder
ARG PASSWORD=password
RUN apk update && \
    apk add --no-cache openssl

RUN echo $PASSWORD
RUN openssl genrsa -des3 -passout pass:$PASSWORD -out server.pass.key 2048 && \
    openssl rsa -passin pass:$PASSWORD -in server.pass.key -out server.key && \
    rm server.pass.key && \
    openssl req -new -key server.key -out server.csr -subj "/C=/O=/OU=ou/CN=domain.com" && \
    openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt && \
    openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt -password pass:$PASSWORD

FROM mcr.microsoft.com/dotnet/aspnet:8.0 AS base
ARG PASSWORD=password
COPY --from=certbuilder server.pfx certificate/
WORKDIR /app
EXPOSE 80
EXPOSE 443

FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build
WORKDIR /src

COPY ["Service.Api/Service.csproj", "Service.Api/"]
COPY ["./nuget.config", "./"]
RUN dotnet restore "Service.Api/Service.Api.csproj" --configfile nuget.config
COPY . .
WORKDIR "/src/Service.Api"
RUN dotnet build "Service.Api.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "Service.Api.csproj" -c Release -o /app/publish /p:UseAppHost=false

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Service.Api.dll"]

ENV ASPNETCORE_URLS="https://+;"
ENV ASPNETCORE_HTTPS_PORT=443
ENV ASPNETCORE_Kestrel__Certificates__Default__Password=$PASSWORD
ENV ASPNETCORE_Kestrel__Certificates__Default__Path=/certificate/server.pfx

In Azure Container Apps i have configured Ingress HTTP on Port 443.

Here is the image: enter image description here

And i have received this error: upstream connect error or disconnect/reset before headers. reset reason: connection termination

How to resolve the issue?

I have tried to use TCP with targetPort:443 and exposedPort: anyport. And this is how it is working, but i'm not trying to achieve this.

Solution

  • Setting up HTTPS Ingress for .NET 8 Application in Azure Container Apps

    Thanks to Thomos for suggesting the same point.

    The error mentioned suggests that the use of a self-signed certificate in your Dockerfile is causing an issue.

    To resolve the issue, remove the self-signed certificate, redeploy the image, and ensure to include the target port 8080 in the container application’s configurations.

    enter image description here

    Output:

    enter image description here