Use HTTPS within an ASP.NET container

If you are using IIS as a Web Server to host your ASP.NET Website, you are doing it inside a Windows Server Core based container and you are reading this article, maybe you want to use HTTPS to allow secure connections to it.

Use HTTPS within an ASP.NET container

Assuming you are using the microsoft/aspnet base image and you have your pfx ready, in order to achieve your goal, you have to follow three simple steps:

  1. Place your “myCertificate.pfx” certificate file in the root folder of your published ASP.NET project
    mycertificate.pfx in asp.net container for https
  2. In the same folder, create a file named “ssl.ps1”:
    $securePfxPass = [Environment]::GetEnvironmentVariable("CERT_PASS") | ConvertTo-SecureString -AsPlainText -Force
    Import-PfxCertificate -Password $securePfxPass -CertStoreLocation Cert:\LocalMachine\My -FilePath c:\inetpub\wwwroot\myCertificate.pfx   
    
    $pfxThumbprint = (Get-PfxData -FilePath c:\inetpub\wwwroot\myCertificate.pfx -Password $securePfxPass).EndEntityCertificates.Thumbprint
    
    $binding = New-WebBinding -Name "Default Web Site" -Protocol https -IPAddress * -Port 443;
    $binding = Get-WebBinding -Name "Default Web Site" -Protocol https;
    $binding.AddSslCertificate($pfxThumbprint, "my");
    
    #You should remove both the PFX password from the Environment Variable and the .pfx file
    [Environment]::SetEnvironmentVariable("CERT_PASS",$null)
  3. Modify your Dockerfile as follows
    FROM microsoft/aspnet:4.6.2
    ARG site_root=.
    ADD ${site_root} /inetpub/wwwroot
    
    EXPOSE 443
    
    #Set the CERT_PASS with the password of your PFX certificate
    ENV CERT_PASS Password123
    
    #Eventually modify the path of your Powershell script
    RUN ["powershell", "C:/inetpub/wwwroot/ssl.ps1"]

That’s it. Enjoy!

Spread this article

3 Replies to “Use HTTPS within an ASP.NET container”

  1. Aravindan Venketesan says: Reply

    this link save my lot of time… thanks lot

  2. Exactly what I needed, thanks.

  3. I guess the question is now, how do I get the .pfx? Normally I would use IIS manager to create a certicate request and use that to get a cert from a cert athority?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.