Open in app

Sign up

Sign in

Write

Sign up

Sign in

Home

Following

Library

Stories

Stats

codeburst

Bursts of code to power through your day. Web Development articles, tutorials, and news.

Follow publication

Hosting an ASP.NET Core App on Docker with HTTPS

How to run an ASP.NET Core app in a docker container with HTTPS?

Changhui Xu
codeburst
Published in
5 min readMay 18, 2020

This post is intended to provide some additional information to the official documentation, Hosting ASP.NET Core images with Docker Compose over HTTPS, in Microsoft Docs. In this post, we will only talk about hosting an app using Kestrel as an edge (internet-facing) web server, without a reverse proxy server, which is the same scope as that in the official documentation.

You can find a sample app from my GitHub repository, and you can play with the sample app given that you have installed the Docker Desktop.

SSL Certificate

Why do we need an SSL certificate in the development environment?

ASP.NET Core supports HTTPS by default, and HTTPS relies on certificates for trust and encryption. If our application uses the HTTPS redirection middleware, but we don’t supply an SSL certificate, then we may get an “Unable to start Kestrel” exception with the following message.

System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.

To achieve the full HTTPS support in the development environment, we need a trusted localhost certificate. Fortunately, it is simple to create a self-signed SSL certificate by following the official documentation. We can export a private key file (aspnetapp.pfx) to an ASP.NET default location using the following command (on Windows).

dotnet dev-certs https -ep %USERPROFILE%\.aspnet\https\aspnetapp.pfx -p { password here }

NOTE: The command above only works in a command prompt (CMD), but not in a bash or a PowerShell terminal. PowerShell is not able to interpret the environment variable %USERPROFILE%, which should be $env:userprofile instead. So the equivalent command in PowerShell is as follows:

dotnet dev-certs https -ep $env:USERPROFILE\.aspnet\https\aspnetapp.pfx -p { password here }

The private key file can be exported to any location or with a different file name, and we can export it as many times as we want. We will supply an…

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app
Or, continue in mobile web

Already have an account? Sign in

codeburst
codeburst
Follow

Published in codeburst

105K Followers
Last published May 19, 2021

Bursts of code to power through your day. Web Development articles, tutorials, and news.

Follow
Changhui Xu
Changhui Xu
Follow

Written by Changhui Xu

1.4K Followers
43 Following

Lead Application Developer. MBA. I write blogs about .NET, Angular, JavaScript/TypeScript, Docker, AWS, DDD, and many others.

Follow

Responses (1)

Write a response

What are your thoughts?

Sandor Maraczy

May 14, 2021

Is it possible to have configure this on linux as well? All the examples I have seen was made on windows....

--

More from Changhui Xu and codeburst

See all from Changhui Xu
See all from codeburst

Recommended from Medium

See more recommendations

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech