CODEWITHSUNDEEP
dockerdockerfile
peinearydevelopment
peinearydevelopment

Reputation: 11474

Openssl command not working in Dockerfile Run

I'm new to Docker. I'm trying to work through some basic operations to increase my understanding. I have a very basic webapp that I've created and wanted to create a Dockerfile for it. One thing I would like to do is to have the webapp delivered over https. I would like to use Let's Encrypt. As I was just getting started, I found on Let's Encrypt's website, instructions for creating a cert for local development.

I wanted to include that as a part of my Dockerfile.

I add the following to my Dockerfile:

RUN openssl req \
-x509 \
-out localhost.crt \
-keyout localhost.key \
-newkey rsa:2048 \
-nodes \
-sha256 \
-subj "/CN=localhost" \
-extensions EXT \
-config <(printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

Whenever I run the docker build command on this file though, I'm receiving the following error.

Step 12/18 : RUN openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj "/CN=localhost" -extensions EXT -config <(printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
 ---> Running in 079b3085beba
/bin/sh: 1: Syntax error: "(" unexpected
The command '/bin/sh -c openssl req -x509 -out localhost.crt -keyout localhost.key -newkey rsa:2048 -nodes -sha256 -subj "/CN=localhost" -extensions EXT -config <(printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")' returned a non-zero code: 2

As my simple application is a dotnet application, the base image is FROM mcr.microsoft.com/dotnet/core/aspnet:3.1. This is an image built upon 3.1.4-buster-slim which is a debian container.

I then ran docker run -it mcr.microsoft.com/dotnet/core/aspnet:3.1 so that I could have shell access on that root container and I was able to then copy and paste the above command into the terminal and it worked just fine.

I'm running Docker for Windows on my Windows machine, so I thought perhaps I was getting the error due to the different line endings between Windows and Linux. I made sure all the line endings on the Dockerfile were LF and not CRLF and am still getting the same error. The Dockerfile is UTF-8 encoding, which as far as I can tell is the standard for Linux as well.

I'm at a loss as to why I'm getting this error. What do I need to change about the command or the dockerfile to get the above command to work properly as a part of my Dockerfile build?

Upvotes: 0

Views: 6521

Answers (1)

peinearydevelopment
peinearydevelopment

Reputation: 11474

Thanks to @michaeldel I was able to understand what problem was occurring.

After doing some searching, I found that in one's Dockerfile, the shell to be used can be specified. I updated my Dockerfile to the following and all is working now.

FROM mcr.microsoft.com/dotnet/core/aspnet:3.1 AS runtime
SHELL ["/bin/bash", "-c"]
RUN echo "$(openssl version)"
RUN openssl req \
-x509 \
-out localhost.crt \
-keyout localhost.key \
-newkey rsa:2048 \
-nodes \
-sha256 \
-subj "/CN=localhost" \
-extensions EXT \
-config <(printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

Upvotes: 1

Related Questions