Asp.Net核心docker编写https自签名证书问题
我无法使用自签名证书在https上运行asp.net core 3 api的docker compose。我已经按照ms docs上的说明进行了操作,但在尝试了数小时之后,我已经放弃了: 我的docker在这里:Asp.Net核心docker编写https自签名证书问题,docker,asp.net-core,docker-compose,Docker,Asp.net Core,Docker Compose,我无法使用自签名证书在https上运行asp.net core 3 api的docker compose。我已经按照ms docs上的说明进行了操作,但在尝试了数小时之后,我已经放弃了: 我的docker在这里: version: '3.7' networks: localdev: name: localdev services: main-api: container_name: main-api build: context: .
version: '3.7'
networks:
localdev:
name: localdev
services:
main-api:
container_name: main-api
build:
context: .
dockerfile: Dockerfile
#restart: always
ports:
- "5000:5000"
- "5001:5001"
depends_on:
- db-server
networks:
- localdev
volumes:
- $USERPROFILE/.aspnet/https:/https/
environment:
ASPNETCORE_Kestrel__Certificates__Default__Password: "Passw0rd!"
ASPNETCORE_Kestrel__Certificates__Default__Path: "$USERPROFILE/.aspnet/https/aspnetapp.pfx"
db-server:
image: mariadb:latest
container_name: db-server
environment:
- MYSQL_ROOT_PASSWORD=Password!
ports:
- "13306:3306"
networks:
- localdev
docker撰写日志如下:
main-api | warn: Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository[60]
main-api | Storing keys in a directory '/root/.aspnet/DataProtection-Keys' that may not be persisted outside of the container. Protected data will be unavailable when container is destroyed.
main-api | crit: Microsoft.AspNetCore.Server.Kestrel[0]
main-api | Unable to start Kestrel.
main-api | Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file
main-api | at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
main-api | at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
main-api | at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
main-api | at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
main-api | at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
main-api | at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert(ConfigurationReader configReader)
main-api | at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
main-api | at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.ValidateOptions()
main-api | at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
main-api exited with code 0
使用Linux语法:
$ ls -l $USERPROFILE/.aspnet/https/aspnetapp.pfx
-rw-r--r-- 1 tig28 197609 2652 Dec 17 11:15 'C:\Users\tig28/.aspnet/https/aspnetapp.pfx'
对docker compose文件的微小更改,此处路径将是容器的装载路径
/root/.aspnet/https/ApiHost.pfx
environment:
ASPNETCORE_HTTPS_PORT: 6001
ASPNETCORE_ENVIRONMENT: Development
ASPNETCORE_Kestrel__Certificates__Default__Path:/root/.aspnet/https/ApiHost.pfx
ASPNETCORE_Kestrel__Certificates__Default__Password: <password>
volumes:
- ${USERPROFILE}\.aspnet\https:/root/.aspnet/https
环境:
ASPNETCORE\u HTTPS\u端口:6001
ASPNETCORE_环境:开发
ASPNETCORE\u Kestrel\u证书\u默认路径:/root/.aspnet/https/ApiHost.pfx
ASPNETCORE\u Kestrel\u证书\u默认\u密码:
卷数:
-${USERPROFILE}\.aspnet\https:/root/.aspnet/https
对docker compose文件的微小更改,此处路径将是容器的装载路径/root/.aspnet/https/ApiHost.pfx
environment:
ASPNETCORE_HTTPS_PORT: 6001
ASPNETCORE_ENVIRONMENT: Development
ASPNETCORE_Kestrel__Certificates__Default__Path:/root/.aspnet/https/ApiHost.pfx
ASPNETCORE_Kestrel__Certificates__Default__Password: <password>
volumes:
- ${USERPROFILE}\.aspnet\https:/root/.aspnet/https
环境:
ASPNETCORE\u HTTPS\u端口:6001
ASPNETCORE_环境:开发
ASPNETCORE\u Kestrel\u证书\u默认路径:/root/.aspnet/https/ApiHost.pfx
ASPNETCORE\u Kestrel\u证书\u默认\u密码:
卷数:
-${USERPROFILE}\.aspnet\https:/root/.aspnet/https
这与docker compose有什么关系?查看是否在docker文件中使用docker命令时出现相同的错误ASPNETCORE\u Kestrel\u证书\u默认\u路径
应仅包含有效的文件路径。请从中删除无效部分。如果我将路径更改为仅获得相同的路径,则不会获得此类文件:ASPNETCORE\u Kestrel\uu Certificates\uu Default\uu路径:“%USERPROFILE%\\\.aspnet\\https\\aspnetapp.pfx”根据上面粘贴的输出,您正在尝试构建Linux Docker映像,其中仅限Windows的环境变量(如%USERPROFILE%)通常无效。这与docker compose有什么关系?请查看仅在docker文件ASPNETCORE\u Kestrel\u证书\uu默认\uu路径
中使用docker命令是否会出现相同的错误,该路径应仅包含有效的文件路径。请从中删除无效部分。如果我将路径更改为仅获得相同的路径,则不会获得此类文件:ASPNETCORE\u Kestrel\uu Certificates\uu Default\uu路径:“%USERPROFILE%\\\.aspnet\\https\\aspnetapp.pfx”根据上面粘贴的输出,您正在尝试构建Linux Docker映像,其中仅限Windows的环境变量(如%USERPROFILE%)通常无效。
environment:
ASPNETCORE_HTTPS_PORT: 6001
ASPNETCORE_ENVIRONMENT: Development
ASPNETCORE_Kestrel__Certificates__Default__Path:/root/.aspnet/https/ApiHost.pfx
ASPNETCORE_Kestrel__Certificates__Default__Password: <password>
volumes:
- ${USERPROFILE}\.aspnet\https:/root/.aspnet/https