This week I decided to modify the sample of my previous post: Step by step: Scale ASP.NET Core with Docker Swarm so you can add TLS to your ASP.NET Core applications and Dockerize it.

Let’s see how I changed the application in order to make it work:

1. Add HTTPS support for Kestrel#

I added the following line to the dependencies in the project.json file.

1    "Microsoft.AspNetCore.Server.Kestrel.Https": "1.0.1",

2. Configure Kestrel to use HTTPS#

In the Main method I configured Kestrel to use HTTPS. Don’t worry about the cert.pfx certificate file because it will be created inside the docker container.

Note that in line 8 I also configured the application to use port 443.

 1    public static void Main(string[] args)
 2    {
 3        var host = new WebHostBuilder()
 4            .UseKestrel((o) => 
 5            {
 6                o.UseHttps(new X509Certificate2(@"cert.pfx", Configuration["certPassword"]));
 7            })
 8            .UseUrls("https://*:443")
 9            .UseContentRoot(Directory.GetCurrentDirectory())
10            .UseStartup<Startup>()
11            .Build();
13        host.Run();
14    }

Now It’s time to show you how to Dockerize the application:

1. Create a dockerfile#

 1# We use the microsoft/dotnet image as a starting point.
 2FROM microsoft/dotnet 
 4# Install git
 5RUN apt-get install git -y
 7# Clone the source code
 8RUN git clone -b ssl
10# Set our working folder
11WORKDIR aspnet-core-helloworld/src/dotnetstarter
13# Restore nuget packages
14RUN dotnet restore
16# Build the application using dotnet!!!
17RUN dotnet build
19# Set password for the certificate as 1234
20# I'm using Environment Variable here to simplify the .NET Core sample.
21ENV certPassword 1234
23# Use opnssl to generate a self signed certificate cert.pfx with password $env:certPassword
24RUN openssl genrsa -des3 -passout pass:${certPassword} -out server.key 2048
25RUN openssl rsa -passin pass:${certPassword} -in server.key -out server.key
26RUN openssl req -sha256 -new -key server.key -out server.csr -subj '/CN=localhost'
27RUN openssl x509 -req -sha256 -days 365 -in server.csr -signkey server.key -out server.crt
28RUN openssl pkcs12 -export -out cert.pfx -inkey server.key -in server.crt -certfile server.crt -passout pass:${certPassword}
30# Expose port 443 for the application.
31EXPOSE 443
33# Start the application using dotnet!!!
34ENTRYPOINT dotnet run

2. Create a Docker image#

With the dockerfile in place run the following command

1sudo docker build -t httpssample .

Now you have an image named httpssample with all the dependencies and code needed to run the application.

3. Test the Docker image#

To test the Docker image run the following command

1sudo docker run -it -p 443:443 httpssample 

Browse to https://localhost Your browser will warn about the certificate because it’s self signed.

4. Run the Docker image as a daemon process#

Now that you know that everything is working as expected use the following command to run the Docker image as a daemon process

1docker run -t -d -p 443:443 httpssample 

You can get a copy of the docker file here:

Hope it helps!