我有一个asp.net core 3.1 Web应用程序,我试图在其中获取当前用户个人商店中可用的证书。
当我使用IISExpress运行应用程序时,我可以获得证书,
X509Store storex = null;
try
{
storex = new X509Store(StoreName.My, StoreLocation.CurrentUser);
storex.Open(OpenFlags.ReadOnly);
var certificates = storex.Certificates.Find(X509FindType.FindByThumbprint,
"23f642c528f747241bb5bef8cd8ff21116dc5bff", true);
X509Certificate certificatex = certificates[0];
}
catch (Exception e)
{
throw e;
}
finally
{
storex.Close();
}
对于此Web应用程序,我有Dockerfile这样的
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
COPY ["DockTest/DockTest.csproj", "DockTest/"]
RUN dotnet restore "DockTest/DockTest.csproj"
COPY . .
WORKDIR "/src/DockTest"
RUN dotnet build "DockTest.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "DockTest.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "DockTest.dll"]
现在,当我尝试将应用程序作为Docker映像运行时,则没有获得证书。
如何将证书加载到Docker映像?
我试图在dockerfile中添加如下所示的证书,但是它不起作用
COPY C:/TEMP/Cert/mycert.pfx
请提出建议。
答案 0 :(得分:0)
Docker是一个隔离的环境,因此它无法访问主机资源,包括证书存储。 您可能需要将证书复制到Docker映像,并使用
加载它var x509 = new X509Certificate2(File.ReadAllBytes(fileName));
但是请注意,所有有权访问您创建的图像的人都可以使用它。