如果您想使用自签名证书在开发中运行,您可以遵循here https://github.com/dotnet/dotnet-docker/blob/master/samples/run-aspnetcore-https-development.md文章。对于生产场景here https://github.com/dotnet/dotnet-docker/blob/master/samples/host-aspnetcore-https.md.
简而言之,建议的方法与您正在使用的方法不同,因为可以引用包含您的证书和 dotnet 机密的文件夹来安装两个卷。
您可以将主机“%USER%\.aspnet\https”文件夹映射到来宾“/root/.aspnet/https/”,并将主机“%APPDATA%\microsoft\UserSecrets\”文件夹映射到来宾“/root/” .microsoft/usersecrets”。
生产和开发之间的主要区别在于,在生产中您不会使用机密,您需要传递包含证书和密码的文件夹才能使用环境变量访问它:
- ASPNETCORE_Kestrel__证书__默认__路径
- ASPNETCORE_Kestrel__证书__默认__密码
Kestrel 将在您的 Linux 客户机上的“/root/.aspnet/https/”文件夹中查找与您的项目同名的证书。
如果我使用您的 appsettings.Development.json 启用跟踪:
"Logging": {
"LogLevel": {
"Default": "Trace ",
"System": "Trace ",
"Microsoft": "Trace"
}
}
如果我在没有在来宾容器中安装证书的情况下开始运行示例应用程序,我会看到以下错误:
root@7afc71f877ce:/app# dotnet helloworld.dll
dbug: Microsoft.Extensions.Hosting.Internal.Host[1]
Hosting starting
dbug: Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer[2]
Failed to locate the development https certificate at '/root/.aspnet/https/helloworld.pfx'.
dbug: Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer[1]
Unable to locate an appropriate development https certificate.
crit: Microsoft.AspNetCore.Server.Kestrel[0]
Unable to start Kestrel.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
希望能帮助到你。