解决ASP.NET Core通过docker-compose up启动应用无法配置https的解决办法
2019/9/2更新:
不再推荐用这篇文章的方法配置https,推荐用nginx反向代理ASP.NET Core然后在nginx上配ssl证书
错误重现一下:
- 新建了一个ASP.NET Core应用,在VS2017下添加Docker支持,选择Linux环境
- 然后再给这个web应用再右键添加容器业务流程协调程序支持,然后解决方案就多了一个docker-compose的项目
通过VS2017的调试是可以通过docker-compose启动web应用项目的,并且会弹出提示信任证书的提示,但是,在CMD或PowerShell中使用
docker-compose build docker-compose up
却抛出Unable to start Kestrel.的错误提示
crit: Microsoft.AspNetCore.Server.Kestrel[0] Unable to start Kestrel. System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found. To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'. For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054. at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions) at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken) Unhandled Exception: System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found. To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'. For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054. at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions) at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken) at Microsoft.AspNetCore.Hosting.Internal.WebHost.StartAsync(CancellationToken cancellationToken) at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token, String shutdownMessage) at Microsoft.AspNetCore.Hosting.WebHostExtensions.RunAsync(IWebHost host, CancellationToken token) at Microsoft.AspNetCore.Hosting.WebHostExtensions.Run(IWebHost host) at WebApplication1.Program.Main(String[] args) in /src/WebApplication1/Program.cs:line 31
问题重现完成,我的解决方案如下:
Step 1. 编辑Dockerfile
1 FROM microsoft/dotnet:2.1-aspnetcore-runtime AS base 2 WORKDIR /app 3 EXPOSE 80 4 EXPOSE 443 5 6 FROM microsoft/dotnet:2.1-sdk AS build 7 WORKDIR /app 8 RUN dotnet dev-certs https --clean 9 RUN dotnet dev-certs https -ep ./WebApplication1.pfx -p crypticpassword 10 WORKDIR /src 11 COPY WebApplication1/WebApplication1.csproj WebApplication1/ 12 RUN dotnet restore WebApplication1/WebApplication1.csproj 13 COPY . . 14 WORKDIR /src/WebApplication1 15 RUN dotnet build WebApplication1.csproj -c Release -o /app 16 17 FROM build AS publish 18 RUN dotnet publish WebApplication1.csproj -c Release -o /app 19 20 FROM base AS final 21 WORKDIR /app 22 COPY --from=publish /app . 23 ENTRYPOINT ["dotnet", "WebApplication1.dll"]
步骤1主要在第6行后面加了如下操作:
1 FROM microsoft/dotnet:2.1-sdk AS build 2 WORKDIR /app 3 RUN dotnet dev-certs https --clean 4 RUN dotnet dev-certs https -ep ./WebApplication1.pfx -p crypticpassword
Step 2.编辑docker-compose.override.yml
1 version: '3.4' 2 3 services: 4 webapplication1: 5 environment: 6 - ASPNETCORE_ENVIRONMENT=Development 7 - ASPNETCORE_URLS=https://+:443;http://+:80 8 - ASPNETCORE_HTTPS_PORT=44380 9 - ASPNETCORE_Kestrel__Certificates__Default__Password=crypticpassword 10 - ASPNETCORE_Kestrel__Certificates__Default__Path=./WebApplication1.pfx 11 ports: 12 - "62084:80" 13 - "44380:443" 14 volumes: 15 - ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro 16 - ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro
步骤2主要添加了两个环境变量:
1 environment: 2 - ASPNETCORE_Kestrel__Certificates__Default__Password=crypticpassword 3 - ASPNETCORE_Kestrel__Certificates__Default__Path=./WebApplication1.pfx
Step 3. 再次运行命令
1 docker-compose build 2 docker-compose up
1 Hosting environment: Development 2 Content root path: /app 3 Now listening on: https://[::]:443 4 Now listening on: http://[::]:80 5 Application started. Press Ctrl+C to shut down.
问题解决成功!
注意:
- crypticpassword换成你的证书密码
- WebApplication1是你自己的web应用名称
以上只是我的的解决方案,GitHub有一些不同的解决方案,请参考如下连接。
https://github.com/aspnet/Docs/issues/6199