Error "Object was not found" on bind Kestrel to https 443 port running inside docker

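I have a dotnet core application that needs to run in a windows core container and expose port 443 (https).

I passed the certificate to the container and set environment variables for the user path and password. The application is able to find the certificate, but fails with the following error: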

crit: Microsoft.AspNetCore.Server.Kestrel[0]
      Unable to start Kestrel.
      Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Object was not found.

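The certificate is a self-signed certificate for the localhost domain.

I tried adding the server localhost to the docker container, but that did not work either.

This is not a problem with the certificate password or the certificate location, because those problems give explicit errors.

Here are the docker-related configuration files:

Dockerfile: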

FROM mcr.microsoft.com/dotnet/aspnet:5.0 AS base 
WORKDIR /app
EXPOSE 443
VOLUME c:/certificates 
COPY . .

#place to put the https certificate
ENV ASPNETCORE_URLS="https://+:443"
ENV ASPNETCORE_HTTPS_PORT=8243  

ENTRYPOINT ["dotnet", "webApp.dll"]

docker-compose.yaml file:

version: '3.4' 
services:  
  webApp:
    container_name:  webApp    
    build:
      context: ..\webApp\
      dockerfile: Dockerfile
    volumes:
     - type: bind
       source: d:/certificates
       target: c:/certificates        
    environment:
     - ASPNETCORE_Kestrel__Certificates__Default__Password=somepass
     - ASPNETCORE_Kestrel__Certificates__Default__Path=c:\certificates\servercert.pfx     
    ports:
      - "8243:443"
    extra_hosts:
     - "localhost:127.0.0.1"      
    networks:
       - net
 
networks: 
  net:
    

How it is run:

docker-compose run webApp

Full error stack:

crit: Microsoft.AspNetCore.Server.Kestrel[0]
      Unable to start Kestrel.
      Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Object was not found.
         at Internal.Cryptography.Pal.CertificatePal.FilterPFXStore(ReadOnlySpan`1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags)
         at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
         at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
         at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
         at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
         at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
         at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
Unhandled exception. Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Object was not found.
   at Internal.Cryptography.Pal.CertificatePal.FilterPFXStore(ReadOnlySpan`1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags)
   at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Certificates.CertificateConfigLoader.LoadCertificate(CertificateConfig certInfo, String endpointName)
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.LoadDefaultCert()
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Reload()
   at Microsoft.AspNetCore.Server.Kestrel.KestrelConfigurationLoader.Load()
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
   at Backoffice.Program.Main(String[] args) in D:\a\s\BackOffice\Program.cs:line 12  

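Since the problem is running DotNet Core with an https connection on a windows container, I must be missing something basic. No exceptions.

Solved by running the container with the user ContainerAdministrator.

This problem does not always surface; it seems to be related to the image used. For more information about this issue, see GitHub.

To set the user in the docker-compose.yaml file, add: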

services:  
   webApp:
      user:  "ContainerAdministrator"

To set it from the command line:

> docker-compose run --user ContainerAdministrator webApp