The repository contains 3 approaches for generation and using of ssl certificates in ASP.NET application, hosted in Docker.
3 previous commits explained these approaches:
-
OOTB approach. VS does all required things, when the new ASP.NET Core application is generated. The certificate is generated by VS and put into %USERPROFILE%\AppData\Roaming\ASP.NET\Https\ folder. It is protected by a password, which is placed in UserSecrets file. Then, folders with the certificate and UserSecrets are binded to a container
-
Get rid of folders binding:
The %USERPROFILE%\AppData\Roaming\ASP.NET\Https*.pfx file needs to be copied to in WebAppWithSsl/Cert directory. It allows to put it into image as a part of image preparation and don't bind host folders to a container. In order to do not bind a UserSecrets folder, the password should be passed in an environment variable: --env Kestrel__Certificates__Development__Password=....
- The ssl-certificate is generated as a part of a docker image preparation. It should be copied to the final image, BUT path is different: /root/.dotnet/corefx/cryptography/x509stores/my/ It doesn't work if the certificate is copied to /root/.aspnet/https