Reputation: 5157
ASP.NET Core HttpClient can't make HTTPS calls in container
I am in the process of migrating an API from Windows .NET Full Framework (4.6.1) to ASP.NET Core.
I was able to spin up a container in our Rancher environment via the following Dockerfile:
root@a84db3bdc3cf:/app# cat Dockerfile
FROM microsoft/aspnetcore:1.1
ARG source=.
WORKDIR /app
EXPOSE 80
COPY $source .
ENTRYPOINT ["dotnet", "myapp.dll"]
I have noticed that anyone in my code that uses HttpClient that makes a call to a HTTPS url, the call fails.
The Message in the InnerException reads:
SSL connect error
Has anyone seen this, and if so, do you know if there is some extra configuration required for the container to be able to do HTTP operations via HTTPS? It seems to work fine with HTTP.
EDIT:
My application doesn't run over HTTPS. It is hosted over HTTP. The code in my application is trying to make a call to a remote API that is hosted over HTTPS, and has a valid certificate.
Upvotes: 1
Views: 4208
Answers (2)
Reputation: 2697
.net core on linux uses curl to provide the implementation of HttpClient
you can test if that's working for you like this
docker run microsoft/aspnetcore-build:2.0 curl https://server
and if it doesn't, try this to see if you have the same problem as I did:
docker run microsoft/aspnetcore-build:2.0 curl -k https://server
For me, the problem was that part of the certificate chain was missing from the cert store for the site I was connecting to.
I modified the Dockerfile like so:
# build runtime image
FROM microsoft/aspnetcore:2.0
WORKDIR /app
COPY --from=build-env /app/out .
COPY missing-cert.crt /usr/share/ca-certificates
RUN echo missing-cert.crt >> /etc/ca-certificates.conf
RUN update-ca-certificates
ENTRYPOINT ["dotnet", "myaspdotnetapp.dll"]
And it works for me
Upvotes: 2
Reputation: 13755
I think you have to expose 443 instead of 80 as the 443 is the default port for Https
root@a84db3bdc3cf:/app# cat Dockerfile
FROM microsoft/aspnetcore:1.1
ARG source=.
WORKDIR /app
EXPOSE 443
COPY $source .
ENTRYPOINT ["dotnet", "myapp.dll"]
But Note that you should be sure that your docker contains a certificate docker container ssl certificates
Upvotes: 1
Related Questions
- ASP.NET Core Docker Container App not accessible
- Asp.net core SSL could not run in docker container
- ASP.NET Unable to configure HTTPS endpoint - Docker & Linux
- HttpClient request on networked docker container
- Https required for asp.net core in docker
- Asp.Net-Core Application in docker over https
- Unable to configure ASP.NET HTTPS endpoint in Linux docker on Windows
- HttpListener (.NET Core) doesn't work with https on windows dockers
- Asp.net Core Docker container outbound HTTPS calls failing
- .net core web api app with https in docker