Install certificate in dotnet core docker container

M. Berkhof · Mar 7, 2018 · Viewed 9.6k times

Previously our application ran on .NET Framework and we used PowerShell to install our certificate into the certificate store by running the following command:

RUN powershell -NoProfile -Command \
 $Secure_String_Pwd = ConvertTo-SecureString "ourverysecretpassword" -AsPlainText -Force ; \
 Import-PfxCertificate -FilePath /cert.pfx -CertStoreLocation Cert:\LocalMachine\Root -Exportable -Password $Secure_String_Pwd

But now that we have transferred our code to .NET Core, the above command won't work in the Dockerfile anymore.

Any idea on how to install an existing .pfx certificate via the Dockerfile into the Docker container?

[EDIT] I'm trying to run my container on Windows. Here is the complete Dockerfile; maybe it's just that I use the wrong image:

This is the entire Dockerfile:

FROM microsoft/dotnet

COPY ./Web /app/

COPY cert.pfx /cert.pfx

RUN powershell -NoProfile -Command \
 $Secure_String_Pwd = ConvertTo-SecureString "againourverysecretpassword" -AsPlainText -Force ; \
 Import-PfxCertificate -FilePath /cert.pfx -CertStoreLocation Cert:\LocalMachine\Root -Exportable -Password $Secure_String_Pwd

WORKDIR /app

EXPOSE 5000 
ENTRYPOINT ["dotnet", "myhost.dll"]

Anyhow it fails on the run powershell command, saying: 'powershell' is not recognized as an internal or external command, operable program or batch file.

Answer

Mario Cianciolo · Mar 7, 2018

Is your Docker container running on Linux?

I assume that it is. Then your base image should be microsoft/aspnetcore, which is based on Ubuntu.

You should add this to your Dockerfile:

COPY ca_bundle.crt /usr/local/share/ca-certificates/your_ca.crt
RUN update-ca-certificates

The first line copies your CA bundle into the image; the second line updates the CA list.

The CA bundle (the list of authorities that signed your certificate) can be extracted from the PFX; just Google for it. This is the first link I found.

If your container is running on Windows, then the PowerShell command should work as-is (I'm not sure about that).
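
The extraction step that the answer leaves to a search, as an added example that is not part of the original answer: an OpenSSL-based shell function that writes only the CA certificates from a PFX into the `ca_bundle.crt` file the `COPY` line expects. The function name `extract_ca_bundle` and the `PFX_PASSWORD` variable are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original answer): pull only the CA
# certificates out of a PFX so they can be fed to update-ca-certificates.
# extract_ca_bundle and PFX_PASSWORD are names assumed for this example.

# Usage: PFX_PASSWORD=... extract_ca_bundle cert.pfx ca_bundle.crt
extract_ca_bundle() {
    pfx=$1
    out=$2
    [ -r "$pfx" ] || { echo "cannot read $pfx" >&2; return 2; }
    # The password comes from the environment, so it is not written into
    # a Dockerfile line or exposed in the openssl argument list.
    [ -n "${PFX_PASSWORD+set}" ] || { echo "PFX_PASSWORD is not set" >&2; return 2; }

    tmp=$(mktemp) || return 1
    # -cacerts: emit CA certificates only; -nokeys: never emit the private key.
    if ! openssl pkcs12 -in "$pfx" -cacerts -nokeys \
            -passin env:PFX_PASSWORD -out "$tmp" 2>/dev/null; then
        rm -f "$tmp"
        echo "openssl could not open $pfx (wrong password or not a PFX)" >&2
        return 1
    fi

    # openssl prefixes each certificate with "Bag Attributes" text;
    # keep only the PEM blocks.
    sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' \
        "$tmp" > "$out"
    rm -f "$tmp"

    # A PFX holding just a leaf certificate yields an empty bundle; fail
    # loudly instead of installing nothing.
    if ! grep -q 'BEGIN CERTIFICATE' "$out"; then
        rm -f "$out"
        echo "no CA certificates found in $pfx" >&2
        return 4
    fi
}

# When run as a script: extract_ca_bundle.sh cert.pfx ca_bundle.crt
if [ "$#" -eq 2 ]; then
    extract_ca_bundle "$1" "$2"
fi
```

Running this on the build host rather than in a `RUN` step keeps both the PFX (with its private key) and its password out of the image layers; only the public `ca_bundle.crt` needs to be copied in.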