jhodges
❔ ✅ Certificates in Docker Build
@TeBeClone I am assuming you mean this guide: https://learn.microsoft.com/en-us/dotnet/core/additional-tools/self-signed-certificates-guide. There is also good guidance at https://learn.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?view=aspnetcore-5.0&tabs=visual-studio%2Clinux-ubuntu#trust-https-certificate-on-linux-1. While those docs are good the key piece of information the docs are missing is service-to-service communication within Linux. This is exactly what our tests are doing, spinning up an API and using HttpClient to all some endpoints.
After generating a cert using the docs above I had a different set of errors around certificate trust. Turns out that openssl has a much stricter set of parameters for trusting a self-signed certificate. Thus, generating a cert using
dotnet dev-cert does not work. The issue is described at https://github.com/dotnet/aspnetcore/issues/7246#issuecomment-537752663. The root cause is fixed in OpenSSL 1.1.1h or later but the SDK container image doesn't have that version of OpenSSL. There is also a nice fix at https://blog.wille-zone.de/post/aspnetcore-devcert-for-ubuntu/.32 replies