【发布时间】:2023-01-14 07:27:22
【问题描述】:
我的 startup.cs 已经适用于 https。我将它用于 Windows Server。但是我想实现docker技术。我在没有https的情况下实现了它。在我通过 https 后,它不再起作用了。这是我的 docker 运行命令 =>
docker run --name containername -p 8081:80 -p 8082:443 -e ASPNETCORE_URLS="https://+;http://+" -e ASPNETCORE_HTTPS_PORT=8082 -e ASPNETCORE_Kestrel__Certificates__Default__Password="mypass" -e ASPNETCORE_Kestrel__Certificates__Default__Path=/https/myssl.pfx -v rbpc\.dotnet\https -e DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false -d username/repositoryname:versionname
这是我在 docker cli 上的错误 =>
crit: Microsoft.AspNetCore.Server.Kestrel[0]
Unable to start Kestrel.
Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file
at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
Unhandled exception. Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file
at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
at Internal.Cryptography.Pal.OpenSslX509CertificateReader.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
at MyWebApi.Program.Main(String[] args) in /src/MyWebApi/Program.cs:line 16
【问题讨论】:
-
在我的 docker-compose 中,
ASPNETCORE_之后的部分之间有__(即ASPNETCORE_Kestrel__Certificates__Default__Password)。这有什么区别吗? -
我已将您的建议和错误更改为 x509 @DiplomacyNotWar
-
您的卷装载似乎无效:
-v rbpc\.dotnet\https。我希望你想要-v rbpc\.dotnetnet\https://https -
你的解决方案给了我一个错误,它是“docker:来自守护进程的错误响应:创建 rbpc\.dotnet\https:“rbpc\\.dotnet\\https”包含本地卷名的无效字符,只有“[a-zA- Z0-9][a-zA-Z0-9_.-]" 是允许的。如果您打算传递主机目录,请使用绝对路径。
-
啊,那么你需要
rbpc\.dotnet\https的完整路径(我似乎也打错了)。那是主机上的一个文件夹,对吧?
标签: c# docker asp.net-core ssl dockerfile