If you are using IIS as a Web Server to host your ASP.NET Website, you are doing it inside a Windows Server Core based container and you are reading this article, maybe you want to use HTTPS to allow secure connections to it.
Use HTTPS within an ASP.NET container
Assuming you are using the microsoft/aspnet base image and you have your pfx ready, in order to achieve your goal, you have to follow three simple steps:
- Place your “myCertificate.pfx” certificate file in the root folder of your published ASP.NET project
- In the same folder, create a file named “ssl.ps1”:
$securePfxPass = [Environment]::GetEnvironmentVariable("CERT_PASS") | ConvertTo-SecureString -AsPlainText -Force
Import-PfxCertificate -Password $securePfxPass -CertStoreLocation Cert:\LocalMachine\My -FilePath c:\inetpub\wwwroot\myCertificate.pfx
$pfxThumbprint = (Get-PfxData -FilePath c:\inetpub\wwwroot\myCertificate.pfx -Password $securePfxPass).EndEntityCertificates.Thumbprint
$binding = New-WebBinding -Name "Default Web Site" -Protocol https -IPAddress * -Port 443;
$binding = Get-WebBinding -Name "Default Web Site" -Protocol https;
$binding.AddSslCertificate($pfxThumbprint, "my");
#You should remove both the PFX password from the Environment Variable and the .pfx file
[Environment]::SetEnvironmentVariable("CERT_PASS",$null)
- Modify your Dockerfile as follows
FROM microsoft/aspnet:4.6.2
ARG site_root=.
ADD ${site_root} /inetpub/wwwroot
EXPOSE 443
#Set the CERT_PASS with the password of your PFX certificate
ENV CERT_PASS Password123
#Eventually modify the path of your Powershell script
RUN ["powershell", "C:/inetpub/wwwroot/ssl.ps1"]
That’s it. Enjoy!
this link save my lot of time… thanks lot
Exactly what I needed, thanks.
I guess the question is now, how do I get the .pfx? Normally I would use IIS manager to create a certicate request and use that to get a cert from a cert athority?