If you are using IIS as a Web Server to host your ASP.NET Website, you are doing it inside a Windows Server Core based container and you are reading this article, maybe you want to use HTTPS to allow secure connections to it.
Use HTTPS within an ASP.NET container
Assuming you are using the microsoft/aspnet base image and you have your pfx ready, in order to achieve your goal, you have to follow three simple steps:
- Place your “myCertificate.pfx” certificate file in the root folder of your published ASP.NET project
- In the same folder, create a file named “ssl.ps1”:
1 2 3 4 5 6 7 8 9 10 11$securePfxPass = [Environment]::GetEnvironmentVariable("CERT_PASS") | ConvertTo-SecureString -AsPlainText -Force Import-PfxCertificate -Password $securePfxPass -CertStoreLocation Cert:\LocalMachine\My -FilePath c:\inetpub\wwwroot\myCertificate.pfx $pfxThumbprint = (Get-PfxData -FilePath c:\inetpub\wwwroot\myCertificate.pfx -Password $securePfxPass).EndEntityCertificates.Thumbprint $binding = New-WebBinding -Name "Default Web Site" -Protocol https -IPAddress * -Port 443; $binding = Get-WebBinding -Name "Default Web Site" -Protocol https; $binding.AddSslCertificate($pfxThumbprint, "my"); #You should remove both the PFX password from the Environment Variable and the .pfx file [Environment]::SetEnvironmentVariable("CERT_PASS",$null) - Modify your Dockerfile as follows:
1 2 3 4 5 6 7 8 9 10 11FROM microsoft/aspnet:4.6.2 ARG site_root=. ADD ${site_root} /inetpub/wwwroot EXPOSE 443 #Set the CERT_PASS with the password of your PFX certificate ENV CERT_PASS Password123 #Eventually modify the path of your Powershell script RUN ["powershell", "C:/inetpub/wwwroot/ssl.ps1"]
That’s it. Enjoy!