• 解决ASP.NET Core通过docker-compose up启动应用无法配置https的解决办法


    2019/9/2更新:

    不再推荐用这篇文章的方法配置https,推荐用nginx反向代理ASP.NET Core然后在nginx上配ssl证书

    错误重现一下:

    1. 新建了一个ASP.NET Core应用,在VS2017下添加Docker支持,选择Linux环境
    2. 然后再给这个web应用再右键添加容器业务流程协调程序支持,然后解决方案就多了一个docker-compose的项目

    通过VS2017的调试是可以通过docker-compose启动web应用项目的,并且会弹出提示信任证书的提示,但是,在CMDPowerShell中使用

    docker-compose build
    docker-compose up
    

      却抛出Unable to start Kestrel.的错误提示

    crit: Microsoft.AspNetCore.Server.Kestrel[0]
          Unable to start Kestrel.
    System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found.
    To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
    For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
       at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
       at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
       at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
       at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding)
       at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
    
    Unhandled Exception: System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found.
    To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
    For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
       at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
       at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
       at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
       at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding)
       at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
       at Microsoft.AspNetCore.Hosting.Internal.WebHost.StartAsync(CancellationToken cancellationToken)
       at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token, String shutdownMessage)
       at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token)
       at Microsoft.AspNetCore.Hosting.WebHostExtensions.Run(IWebHost host)
       at WebApplication1.Program.Main(String[] args) in /src/WebApplication1/Program.cs:line 31

    问题重现完成,我的解决方案如下:

    Step 1. 编辑Dockerfile

     1 FROM microsoft/dotnet:2.1-aspnetcore-runtime AS base
     2 WORKDIR /app
     3 EXPOSE 80
     4 EXPOSE 443
     5 
     6 FROM microsoft/dotnet:2.1-sdk AS build
     7 WORKDIR /app
     8 RUN dotnet dev-certs https --clean
     9 RUN dotnet dev-certs https -ep ./WebApplication1.pfx  -p crypticpassword
    10 WORKDIR /src
    11 COPY WebApplication1/WebApplication1.csproj WebApplication1/
    12 RUN dotnet restore WebApplication1/WebApplication1.csproj
    13 COPY . .
    14 WORKDIR /src/WebApplication1
    15 RUN dotnet build WebApplication1.csproj -c Release -o /app
    16 
    17 FROM build AS publish
    18 RUN dotnet publish WebApplication1.csproj -c Release -o /app
    19 
    20 FROM base AS final
    21 WORKDIR /app
    22 COPY --from=publish /app .
    23 ENTRYPOINT ["dotnet", "WebApplication1.dll"]

    步骤1主要在第6行后面加了如下操作:

    1 FROM microsoft/dotnet:2.1-sdk AS build
    2 WORKDIR /app
    3 RUN dotnet dev-certs https --clean
    4 RUN dotnet dev-certs https -ep ./WebApplication1.pfx  -p crypticpassword

    Step 2.编辑docker-compose.override.yml

     1 version: '3.4'
     2 
     3 services:
     4   webapplication1:
     5     environment:
     6       - ASPNETCORE_ENVIRONMENT=Development
     7       - ASPNETCORE_URLS=https://+:443;http://+:80
     8       - ASPNETCORE_HTTPS_PORT=44380
     9       - ASPNETCORE_Kestrel__Certificates__Default__Password=crypticpassword
    10       - ASPNETCORE_Kestrel__Certificates__Default__Path=./WebApplication1.pfx
    11     ports:
    12       - "62084:80"
    13       - "44380:443"
    14     volumes:
    15       - ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro
    16       - ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro

    步骤2主要添加了两个环境变量:

    1     environment:
    2       - ASPNETCORE_Kestrel__Certificates__Default__Password=crypticpassword
    3       - ASPNETCORE_Kestrel__Certificates__Default__Path=./WebApplication1.pfx

    Step 3. 再次运行命令

    1 docker-compose build
    2 docker-compose up
    1 Hosting environment: Development
    2 Content root path: /app
    3 Now listening on: https://[::]:443
    4 Now listening on: http://[::]:80
    5 Application started. Press Ctrl+C to shut down.

    问题解决成功!

    注意:

    • crypticpassword换成你的证书密码
    • WebApplication1是你自己的web应用名称

    以上只是我的的解决方案,GitHub有一些不同的解决方案,请参考如下连接。

    https://github.com/aspnet/Docs/issues/6199

    https://github.com/dotnet/dotnet-docker/issues/630

    https://docs.microsoft.com/zh-cn/aspnet/core/security/enforcing-ssl?view=aspnetcore-2.2&tabs=visual-studio

  • 相关阅读:
    1.python全栈之路:python基础
    21、指定元素置后——数组
    20、泰勒展开式
    19、显示表达式的运算形式
    1、模拟蚂蚁借呗—利息计算
    05、C语言——循环结构
    04、C语言——选择结构
    03、C语言——顺序结构
    02、C语言——C语言组成与数据
    07、C语言——函数
  • 原文地址:https://www.cnblogs.com/myhalo/p/10437453.html
走看看 - 开发者的网上家园