How to have ASP.NET Core running locally with HTTPS in Kubernetes

Question

I currently have a docker-compose setup for ASP.NET Core. However when moving to test the cluster in Kubernetes I ran into SSL issues with Kestrel. Originally with Docker/Docker-compose you can set up local SSL with

dotnet dev-certs https -ep %USERPROFILE%\.aspnet\https\<app_name>.pfx -p <password>

Then

dotnet dev-certs https --trust

Finally

dotnet user-secrets set "Kestrel:Certificates:Development:Password" "<password>"

And in Docker-compose I setup the volumes to point to this cert

volumes:
      - ${APPDATA}\microsoft\UserSecrets\:/root/.microsoft/usersecrets
      - ${USERPROFILE}\.aspnet\https:/root/.aspnet/https/

I am curious how I can test locally https with kubernetes. I saw a git repo https://github.com/Lybecker/k8s-friendly-aspnetcore, however I did not figure out how to get the .pfx file from my local computer into the secret, I would think copy and paste is not the way to go.

I looked at this SO post Access .NET Core app on Kubernetes on both http and https

However it looks like they are using .Net 5 which uses .key and .crt. I am on .Net 3.1 which uses a .pfx file.

Answer 1

Rather than deploying your .NET core container with https, you should deploy it with http and use nginx-ingress to provide https as described here: https://cert-manager.io/docs/tutorials/acme/nginx-ingress/