• Uncategorized

About c# : Certificate-for-Blazor-Server-App-to-publish-on-Linux-vServer-in-Docker-Container

Question Detail

i developed a Blazor Server App, which uses EF-Core to access a MariaDB.
I want to publish the app (for production) to a linux-vServer with Debian 10 (could also use Ubuntu) managed with Plesk.
The App should run in a docker-container. I’m completely new to docker.
The MariaDB is running over Plesk, not containerized, I want to access it over localhost,3306.
I do have root and shell access.

This is my docker-file:

FROM mcr.microsoft.com/dotnet/aspnet:6.0
COPY . /app
EXPOSE 8700/tcp

FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base


FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
COPY ["WebApplication/WebApplication.csproj", "WebApplication/"]
COPY ["InvoicingDocuments/InvoicingDocuments.csproj", "InvoicingDocuments/"]
COPY ["DataModels/DataModels.csproj", "DataModels/"]
COPY ["SmtpMail/SmtpMail.csproj", "SmtpMail/"]
RUN dotnet restore "WebApplication/WebApplication.csproj"
COPY . .
WORKDIR "/src/WebApplication"
RUN dotnet build "WebApplication.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "WebApplication.csproj" -c Release -o /app/publish

FROM base AS final
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "WebApplication.dll"]

I was running the command:
docker run -d -p 80:8700 --net host cpp-blazor
I added the –net host so i can access the localhost-mariaDb.

First i encountered the error:
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
even tho the Homepage has SSL-certificate setup in Plesk. the application did exit.

My first approach to this issue was to Configure Kestrel with a pfx-file following the video: Custom HTTPS Dev Environment using .NET Core, Kestrel & certificates

My Program.cs now contains the following:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Hosting;
using Microsoft.Extensions.Logging;

namespace WebApplication
    public class Program
        public static void Main(string[] args)

        public static IHostBuilder CreateHostBuilder(string[] args) =>
                .ConfigureServices((context, services) =>
                    HostConfig.CertPath = "certificate.pfx";
                    HostConfig.CertPassword = "password";
                .ConfigureWebHostDefaults(webBuilder =>
                    webBuilder.ConfigureKestrel(opt =>
                        opt.ListenAnyIP(8700, listOpt =>
                            listOpt.UseHttps(HostConfig.CertPath, HostConfig.CertPassword);

    public static class HostConfig
        public static string CertPath { get; set; }
        public static string CertPassword { get; set; }

certificate.pfx is copied on build and is actually found by the application.
The pfx file is a SSL Wildcard from DigiCert, i got it from the hosting provider.
It works fine in Plesk.
I get the following output from the docker log:

{"EventId":0,"LogLevel":"Warning","Category":"Microsoft.AspNetCore.Server.Kestrel","Message":"Overriding address(es) \u0027http://\u002B:80\u0027. Binding to endpoints defined via IConfiguration and/or UseKestrel() instead.","State":{"Message":"Overriding address(es) \u0027http://\u002B:80\u0027. Binding to endpoints defined via IConfiguration and/or UseKestrel() instead.","addresses":"http://\u002B:80","{OriginalFormat}":"Overriding address(es) \u0027{addresses}\u0027. Binding to endpoints defined via IConfiguration and/or UseKestrel() instead."}}
{"EventId":14,"LogLevel":"Information","Category":"Microsoft.Hosting.Lifetime","Message":"Now listening on: https://[::]:8700","State":{"Message":"Now listening on: https://[::]:8700","address":"https://[::]:8700","{OriginalFormat}":"Now listening on: {address}"}}
{"EventId":0,"LogLevel":"Information","Category":"Microsoft.Hosting.Lifetime","Message":"Application started. Press Ctrl\u002BC to shut down.","State":{"Message":"Application started. Press Ctrl\u002BC to shut down.","{OriginalFormat}":"Application started. Press Ctrl\u002BC to shut down."}}
{"EventId":0,"LogLevel":"Information","Category":"Microsoft.Hosting.Lifetime","Message":"Hosting environment: Production","State":{"Message":"Hosting environment: Production","envName":"Production","{OriginalFormat}":"Hosting environment: {envName}"}}
{"EventId":0,"LogLevel":"Information","Category":"Microsoft.Hosting.Lifetime","Message":"Content root path: /app","State":{"Message":"Content root path: /app","contentRoot":"/app","{OriginalFormat}":"Content root path: {contentRoot}"}}

Using the same docker run command, i managed to find the app running under https domain.com:80 but I get the error SSL_ERROR_RX_RECORD_TOO_LONG when navigating in the browser to that domain. The docker container does not crash.
It works locally on my machine, just telling me the certificate is not trusted due its assigned to my domain and not localhost. I can access the App.

I already tried removing the certificates from plesk, resulting in the same error or not reaching the webpage.

Any suggestions or tipps, how to properly setup certificate for Blazor Server or ASP.NET Core Hosting in that case under Linux?
I dont think that Plesk is the issue, since im running in the same problems when using shell only.

Question Answer

No answer for now.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.