以前,我们的应用程序在框架上运行,我们使用powershell通过运行以下命令将证书安装到证书存储中:
Previously our application ran on framework and we used powershell to install our certificate into the certificate store by running the following command:
运行powershell -NoProfile -Command \ $ Secure_String_Pwd = ConvertTo-SecureString ourverysecretpassword -AsPlainText -Force; \ Import-PfxCertificate -FilePath /cert.pfx -CertStoreLocation证书:\LocalMachine\Root-可导出-密码$ Secure_String_Pwd
但是现在我们已经将代码转移到core,上面的命令将不再在dockerfile中工作。
but now we have transferred our code to core, the above command wont work in the dockerfile anymore.
关于如何安装现有.pfx证书的任何想法通过dockerfile进入docker容器?
Any idea on how to install an existing .pfx certificate via the dockerfile into the docker container?
我试图在Windows上运行我的容器,这是完整的dockerfile,也许就是我使用错误的图像:
Im trying to run my container on windows, here is the complete dockerfile, maybe its just that i use the wrong image:
这是整个docker文件:
This is the entire docker file:
FROM microsoft/dotnet COPY ./Web /app/ COPY cert.pfx /cert.pfx RUN powershell -NoProfile -Command \ $Secure_String_Pwd = ConvertTo-SecureString "againourverysecretpassword" - AsPlainText -Force ; \ Import-PfxCertificate -FilePath /cert.pfx -CertStoreLocation Cert:\LocalMachine\Root -Exportable -Password $Secure_String_Pwd WORKDIR /app EXPOSE 5000 ENTRYPOINT ["dotnet", "myhost.dll"]无论如何,在运行powershell命令时都会失败,并说:'powershell'无法识别为内部或外部命令,可操作程序或批处理文件。
Anyhow it fails on the run powershell command, saying: 'powershell' is not recognized as an internal or external command, operable program or batch file.
推荐答案您的Docker容器是否在Linux上运行?
Is your Docker container running on Linux?
我认为是这样的。然后,您的基本映像应该是 microsoft / aspnetcore ,该映像基于Ubuntu。
I assume that it is. Then your base image should be microsoft/aspnetcore, which is based on Ubuntu.
您应该将此映像添加到您的 DOCKERFILE :
You should add this in your DOCKERFILE:
COPY ca_bundle.crt /usr/local/share/ca-certificates/your_ca.crt RUN update-ca-certificates第一行复制您的将CA捆绑包添加到映像中,第二行更新CA列表。
First line copies your CA bundle into the image, the second line updates the CA list.
CA捆绑包(签署证书的授权机构列表)可以从PFX中提取,只需从Google为了它。 此是我找到的第一个链接。
The CA bundle (the list of authorities that signed your certificate) can be extracted from PFX, just Google for it. This is the first link I found.
如果您的容器在Windows上运行,那么Powershell命令应该按原样运行(我不确定)
If your container is running on Windows, then Powershell command should work as-is (I'm not sure about that)
更多推荐
在dotnet核心docker容器中安装证书
发布评论