How to setup the dev certificate when using Docker in development · Issue #6199 · dotnet/AspNetCore.Docs (original) (raw)

related #3310
Javier is contact:
This needs to go in Enforce HTTPS in an ASP.NET Core
The first time you run dotnet after installing the SDK you get this message
Successfully installed the ASP.NET Core HTTPS Development Certificate.
To trust the certificate run 'dotnet dev-certs https --trust' (Windows and macOS only). For establishing trust on other platforms please refer to the platform specific documentation.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.

Copied from #3310
We also need to cover how to setup the dev certificate when using Docker in development:

• Create an application on Visual Studio using the MVC template.

• Run the app to ensure its working.

• Add docker support for the application through the tooling.

• Modify the dockerfile to expose the port 443 with
  EXPOSE 443

• Modify the docker-compose override file to map ports, volumes and environement variables as follows (this will all be unnecessary after docker tooling has support for HTTPS):

  environment: - ASPNETCORE_ENVIRONMENT=Development - ASPNETCORE_URLS=https://localhost;http://localhost - ASPNETCORE_HTTPS_PORT=44349 ports:

  Replace the values on the left by the values on your launchSettings.json

  - "51217:80"
  - "44349:443"

  volumes: - ${APPDATA}/Microsoft/UserSecrets/:/root/.microsoft/usersecrets - ${APPDATA}/ASP.NET/Https:/root/.aspnet/https/

• Export the HTTPS certificate into a PFX file using the dev-certs global tool to %APPDATA%/ASP.NET/Https/<>.pfx using a password of your choice (recommended password new-guid on powershell)

• On your project, open user secrets and add the following configuration keys:

{ "Kestrel":{ "Certificates":{ "Default":{ "Path": "/root/.aspnet/https/>.pfx", "Password": "<>" } } } }

• Run your application within the container.
• Navigate to the HTTP endpoint on your application
  • You should not see any warning about the HTTPS certificate being invalid.
  • You should be redirected to the HTTPS endpoint automatically.