Security and Identity - Docker Compose with HTTPS
In this article
Prerequisites
Certificates
-
The
dotnet dev-certstool is not required. -
Certificates don't need to be stored in the location used in the instructions. Store the certificates in any location outside the site directory.
-
It makes it difficult to use the same image for testing with developer certificates.
-
It makes it difficult to use the same image for Hosting with production certificates.
-
There is significant risk of certificate disclosure.
Starting a container with https support using docker compose
Windows using Linux containers
dotnet dev-certs https -ep "$env:USERPROFILE\.aspnet\https\aspnetapp.pfx" -p $CREDENTIAL_PLACEHOLDER$
dotnet dev-certs https --trust
dotnet dev-certs https -ep %USERPROFILE%\.aspnet\https\aspnetapp.pfx -p $CREDENTIAL_PLACEHOLDER$
dotnet dev-certs https --trust
version: '3.4'
services:
webapp:
image: mcr.microsoft.com/dotnet/samples:aspnetapp
ports:
- 80
- 443
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/aspnetapp.pfx
volumes:
- ~/.aspnet/https:/https:ro
docker-compose -f "docker-compose.debug.yml" up -d
macOS or Linux
dotnet dev-certs https -ep ${HOME}/.aspnet/https/aspnetapp.pfx -p $CREDENTIAL_PLACEHOLDER$
dotnet dev-certs https --trust
version: '3.4'
services:
webapp:
image: mcr.microsoft.com/dotnet/samples:aspnetapp
ports:
- 80
- 443
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/aspnetapp.pfx
volumes:
- ~/.aspnet/https:/https:ro
docker-compose -f "docker-compose.debug.yml" up -d
Windows using Windows containers
dotnet dev-certs https -ep %USERPROFILE%\.aspnet\https\aspnetapp.pfx -p $CREDENTIAL_PLACEHOLDER$
dotnet dev-certs https --trust
version: '3.4'
services:
webapp:
image: mcr.microsoft.com/dotnet/samples:aspnetapp
ports:
- 80
- 443
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80
- ASPNETCORE_Kestrel__Certificates__Default__Password=password
- ASPNETCORE_Kestrel__Certificates__Default__Path=C:\https\aspnetapp.pfx
volumes:
- ${USERPROFILE}\.aspnet\https:C:\https:ro
docker-compose -f "docker-compose.debug.yml" up -d
See also
dotnet dev-certs
Ref: Hosting ASP.NET Core images with Docker Compose over HTTPS