如何在 NanoServer 上安装根证书
How to install root certificate on NanoServer
有一些指南展示了如何执行此操作,但它们是不久前的,我似乎找不到它们所指的实用程序 certoc.exe。这是否已从更高版本的 nanoserver 中删除?
https://joshuachini.com/2018/02/08/how-to-import-an-enterprise-certificate-into-a-windows-container/
https://www.ntweekly.com/2017/01/30/install-self-signed-certificate-on-windows-nano-server-2016/
有人知道我应该从哪里获得这个实用程序吗?
我在这里又发现了一条小线索
https://github.com/PowerShell/CertificateDsc/issues/45
这种方法无法在 nano 服务器中使用 Import-Certificate 命令。虽然我也没找到。
如有帮助,干杯。
PS C:\> docker run microsoft/nanoserver:1803_KB4338819 certoc.exe
C:\Program Files\Docker\Docker\Resources\bin\docker.exe: Error response from daemon: container 3f732602c6d8fbbf9370613971a7f40993a54bc33870d3040bf5e9c2fec8969c encountered an error during CreateProcess: failure in a Windows system call: The system cannot find the file specified. (0x2) extra info: {"CommandLine":"certoc.exe","User":"ContainerUser","WorkingDirectory":"C:\","CreateStdInPipe":true,"CreateStdOutPipe":true,"CreateStdErrPipe":true,"ConsoleSize":[0,0]}.
PS C:\> docker run -it microsoft/powershell:6.0.4-nanoserver-1803_kb4338819 certoc.exe
C:\Program Files\Docker\Docker\Resources\bin\docker.exe: Error response from daemon: container 285d821dccac930df5681e73842f8ce2bac812f361a6b9d14b00dcb4901a9141 encountered an error during CreateProcess: failure in a Windows system call: The system cannot find the file specified. (0x2) extra info: {"CommandLine":"certoc.exe","User":"ContainerUser","WorkingDirectory":"C:\","Environment":{"PSCORE":"C:\Program Files\PowerShell\pwsh.exe","ProgramFiles":"C:\Program Files"},"EmulateConsole":true,"CreateStdInPipe":true,"CreateStdOutPipe":true,"ConsoleSize":[42,249]}.
PS C:\> docker run microsoft/powershell:6.0.4-nanoserver-1803_kb4338819 pwsh -Command "Get-Help Import-Certificate"
Get-Help : Get-Help could not find Import-Certificate in a help file in this session. To download updated help topics type: "Update-Help". To get help online, search for the help topic in the TechNet library at https://go.microsoft.com/fwlink/?LinkID=107116.
由于某种原因,certoc.exe 已从 1709 和 1803 中删除。如果你想把它放在你的图片上,你可以从 microsoft/nanoserver:sac2016
获取它
FROM microsoft/nanoserver:sac2016 as tool
FROM microsoft/dotnet:2.1-runtime-nanoserver-1709
COPY --from=tool /Windows/System32/certoc.exe .
有一些指南展示了如何执行此操作,但它们是不久前的,我似乎找不到它们所指的实用程序 certoc.exe。这是否已从更高版本的 nanoserver 中删除?
https://joshuachini.com/2018/02/08/how-to-import-an-enterprise-certificate-into-a-windows-container/
https://www.ntweekly.com/2017/01/30/install-self-signed-certificate-on-windows-nano-server-2016/
有人知道我应该从哪里获得这个实用程序吗?
我在这里又发现了一条小线索 https://github.com/PowerShell/CertificateDsc/issues/45
这种方法无法在 nano 服务器中使用 Import-Certificate 命令。虽然我也没找到。
如有帮助,干杯。
PS C:\> docker run microsoft/nanoserver:1803_KB4338819 certoc.exe
C:\Program Files\Docker\Docker\Resources\bin\docker.exe: Error response from daemon: container 3f732602c6d8fbbf9370613971a7f40993a54bc33870d3040bf5e9c2fec8969c encountered an error during CreateProcess: failure in a Windows system call: The system cannot find the file specified. (0x2) extra info: {"CommandLine":"certoc.exe","User":"ContainerUser","WorkingDirectory":"C:\","CreateStdInPipe":true,"CreateStdOutPipe":true,"CreateStdErrPipe":true,"ConsoleSize":[0,0]}.
PS C:\> docker run -it microsoft/powershell:6.0.4-nanoserver-1803_kb4338819 certoc.exe
C:\Program Files\Docker\Docker\Resources\bin\docker.exe: Error response from daemon: container 285d821dccac930df5681e73842f8ce2bac812f361a6b9d14b00dcb4901a9141 encountered an error during CreateProcess: failure in a Windows system call: The system cannot find the file specified. (0x2) extra info: {"CommandLine":"certoc.exe","User":"ContainerUser","WorkingDirectory":"C:\","Environment":{"PSCORE":"C:\Program Files\PowerShell\pwsh.exe","ProgramFiles":"C:\Program Files"},"EmulateConsole":true,"CreateStdInPipe":true,"CreateStdOutPipe":true,"ConsoleSize":[42,249]}.
PS C:\> docker run microsoft/powershell:6.0.4-nanoserver-1803_kb4338819 pwsh -Command "Get-Help Import-Certificate"
Get-Help : Get-Help could not find Import-Certificate in a help file in this session. To download updated help topics type: "Update-Help". To get help online, search for the help topic in the TechNet library at https://go.microsoft.com/fwlink/?LinkID=107116.
certoc.exe 已从 1709 和 1803 中删除。如果你想把它放在你的图片上,你可以从 microsoft/nanoserver:sac2016
FROM microsoft/nanoserver:sac2016 as tool
FROM microsoft/dotnet:2.1-runtime-nanoserver-1709
COPY --from=tool /Windows/System32/certoc.exe .