通过 https 的 dockerized blazor wasm 不起作用
dockerized blazor wasm over https doesn't work
我需要在 docker 容器中 运行 一个 blazor wasm 托管的 pwa,并使其在 https 上运行。我关注了这个 Quick Start 但它似乎没有像 blazor 预期的那样工作。不过,完全相同的步骤适用于其他 asp.net 核心项目(如 webapi 项目)。
重现步骤如下:
在文件夹内Foo/创建示例 blazor wasm 托管 pwa:
dotnet new blazorwasm --hosted --pwa
创建一个 docker 文件:
FROM mcr.microsoft.com/dotnet/sdk:5.0-alpine as builder
WORKDIR /src
COPY ./Shared/Foo.Shared.csproj Shared/
COPY ./Client/Foo.Client.csproj Client/
COPY ./Server/Foo.Server.csproj Server/
COPY ./Foo.sln .
RUN dotnet restore
COPY . .
RUN dotnet build -c Release --no-restore
RUN dotnet publish -c Release --no-build ./Server -o /publish
FROM mcr.microsoft.com/dotnet/aspnet:5.0-alpine as runner
WORKDIR /app
COPY --from=builder /publish .
ENTRYPOINT dotnet Foo.Server.dll
从 docker 文件创建图像:
docker build -t Foo:latest .
要使其与 https 一起使用,我们需要一个证书。所以为本地开发创建一个:
dotnet dev-certs https -ep ./.aspnet/https/Foo.Server.pfx -p Password
dotnet dev-certs https --trust
因为证书名称应与程序集名称相同,并且 Foo.Server 是程序集的名称(因为服务器项目将 运行 宁并为客户端项目的文件提供服务), 我是对的?
接下来,在user secrets中添加证书的密码:
cd Server/
dotnet user-secrets init
dotnet user-secrets set "Kestrel:Certificates:Default:Password" "Password"
现在,运行 容器并将证书的文件夹作为卷安装,以便 Kestrel 找到它。还要安装 UserSecrets 以提供证书的密码:
docker run --rm -it -p 8000:80 -p 8001:443 -e ASPNETCORE_URLS="https://+;http://+" -e ASPNETCORE_HTTPS_PORT=8001 -e ASPNETCORE_ENVIRONMENT=Development -v "C:\Absolute\Path\To\Foo\.aspnet\https":/root/.aspnet/https/ -v "C:\Absolute\Path\To\UserSecrets":/root/.microsoft/usersecrets/ Foo:latest
预期行为:容器启动,应用程序可通过端口 8001 上的 https 访问。
实际行为:抛出异常,提示未找到证书。
Microsoft.AspNetCore.Server.Kestrel[0]
Unable to start Kestrel.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified,
and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
Unhandled exception. System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate
was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
at foo.Server.Program.Main(String[] args) in /src/Server/Program.cs:line 16
编辑:我在 windows 10 和 .Net5
原来我必须添加证书的路径和密码:
dotnet user-secrets set "Kestrel:Certificates:Default:Path" "/root/.aspnet/https/Foo.Server.pfx"
在其他类型的项目中(blazor 除外),我不必显式添加此路径。我认为是因为 /root/.aspnet/https 被用作默认文件夹以在没有提及路径的情况下查找证书。但是对于 blazor 项目,显然不是。
我需要在 docker 容器中 运行 一个 blazor wasm 托管的 pwa,并使其在 https 上运行。我关注了这个 Quick Start 但它似乎没有像 blazor 预期的那样工作。不过,完全相同的步骤适用于其他 asp.net 核心项目(如 webapi 项目)。
重现步骤如下:
在文件夹内
Foo/创建示例 blazor wasm 托管 pwa:dotnet new blazorwasm --hosted --pwa创建一个 docker 文件:
FROM mcr.microsoft.com/dotnet/sdk:5.0-alpine as builder
WORKDIR /src
COPY ./Shared/Foo.Shared.csproj Shared/
COPY ./Client/Foo.Client.csproj Client/
COPY ./Server/Foo.Server.csproj Server/
COPY ./Foo.sln .
RUN dotnet restore
COPY . .
RUN dotnet build -c Release --no-restore
RUN dotnet publish -c Release --no-build ./Server -o /publish
FROM mcr.microsoft.com/dotnet/aspnet:5.0-alpine as runner
WORKDIR /app
COPY --from=builder /publish .
ENTRYPOINT dotnet Foo.Server.dll
从 docker 文件创建图像:
docker build -t Foo:latest .要使其与 https 一起使用,我们需要一个证书。所以为本地开发创建一个:
dotnet dev-certs https -ep ./.aspnet/https/Foo.Server.pfx -p Passworddotnet dev-certs https --trust
因为证书名称应与程序集名称相同,并且 Foo.Server 是程序集的名称(因为服务器项目将 运行 宁并为客户端项目的文件提供服务), 我是对的?
接下来,在user secrets中添加证书的密码:
cd Server/dotnet user-secrets initdotnet user-secrets set "Kestrel:Certificates:Default:Password" "Password"现在,运行 容器并将证书的文件夹作为卷安装,以便 Kestrel 找到它。还要安装 UserSecrets 以提供证书的密码:
docker run --rm -it -p 8000:80 -p 8001:443 -e ASPNETCORE_URLS="https://+;http://+" -e ASPNETCORE_HTTPS_PORT=8001 -e ASPNETCORE_ENVIRONMENT=Development -v "C:\Absolute\Path\To\Foo\.aspnet\https":/root/.aspnet/https/ -v "C:\Absolute\Path\To\UserSecrets":/root/.microsoft/usersecrets/ Foo:latest
预期行为:容器启动,应用程序可通过端口 8001 上的 https 访问。
实际行为:抛出异常,提示未找到证书。
Microsoft.AspNetCore.Server.Kestrel[0]
Unable to start Kestrel.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified,
and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
Unhandled exception. System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate
was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)
at foo.Server.Program.Main(String[] args) in /src/Server/Program.cs:line 16
编辑:我在 windows 10 和 .Net5
原来我必须添加证书的路径和密码:
dotnet user-secrets set "Kestrel:Certificates:Default:Path" "/root/.aspnet/https/Foo.Server.pfx"
在其他类型的项目中(blazor 除外),我不必显式添加此路径。我认为是因为 /root/.aspnet/https 被用作默认文件夹以在没有提及路径的情况下查找证书。但是对于 blazor 项目,显然不是。