ASP.NET Core 1.1 Docker容器无法validationHTTPS连接
我遇到这个问题,只有当我build立一个部署我的容器。 当我的机器在本地运行时,这是没有问题的。
证书只是一个自签名的证书,因为(如果有人很好奇)我们的docker基础设施有一个负载均衡器,它具有所有“可信”证书,负载均衡器与容器build立连接。
基本上,所有对容器的HTTPS请求都会失败,logging如下:
Now listening on: https://*:443 10/19/2017 6:26:50 PMApplication started. Press Ctrl+C to shut down. 10/19/2017 6:27:30 PMdbug: Microsoft.AspNetCore.Server.Kestrel[1] 10/19/2017 6:27:30 PM Connection id "0HL8N93RRUEON" started. 10/19/2017 6:27:30 PMinfo: HttpsConnectionFilter[1] 10/19/2017 6:27:30 PM Failed to authenticate HTTPS connection. 10/19/2017 6:27:30 PMSystem.IO.IOException: The handshake failed due to an unexpected packet format. 10/19/2017 6:27:30 PM at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) 10/19/2017 6:27:30 PM at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest) 10/19/2017 6:27:30 PM--- End of stack trace from previous location where exception was thrown --- 10/19/2017 6:27:30 PM at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 10/19/2017 6:27:30 PM at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) 10/19/2017 6:27:30 PM at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) 10/19/2017 6:27:30 PM at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) 10/19/2017 6:27:30 PM at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) 10/19/2017 6:27:30 PM--- End of stack trace from previous location where exception was thrown --- 10/19/2017 6:27:30 PM at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 10/19/2017 6:27:30 PM at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 10/19/2017 6:27:30 PM at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 10/19/2017 6:27:30 PM at Microsoft.AspNetCore.Server.Kestrel.Https.HttpsConnectionFilter.<OnConnectionAsync>d__6.MoveNext() 10/19/2017 6:27:30 PMdbug: Microsoft.AspNetCore.Server.Kestrel[10] 10/19/2017 6:27:30 PM Connection id "0HL8N93RRUEON" disconnecting. 10/19/2017 6:27:30 PMdbug: Microsoft.AspNetCore.Server.Kestrel[7] 10/19/2017 6:27:30 PM Connection id "0HL8N93RRUEON" sending FIN. 10/19/2017 6:27:30 PMdbug: Microsoft.AspNetCore.Server.Kestrel[8] 10/19/2017 6:27:30 PM Connection id "0HL8N93RRUEON" sent FIN with status "0". 10/19/2017 6:27:30 PMdbug: Microsoft.AspNetCore.Server.Kestrel[2] 10/19/2017 6:27:30 PM Connection id "0HL8N93RRUEON" stopped. 10/19/2017 6:27:39 PMdbug: Microsoft.AspNetCore.Server.Kestrel[1] 10/19/2017 6:27:39 PM Connection id "0HL8N93RRUEOO" started. 10/19/2017 6:27:39 PMinfo: HttpsConnectionFilter[1] 10/19/2017 6:27:39 PM Failed to authenticate HTTPS connection. 10/19/2017 6:27:39 PMSystem.IO.IOException: The handshake failed due to an unexpected packet format. 10/19/2017 6:27:39 PM at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) 10/19/2017 6:27:39 PM at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest) 10/19/2017 6:27:39 PM--- End of stack trace from previous location where exception was thrown --- 10/19/2017 6:27:39 PM at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 10/19/2017 6:27:39 PM at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) 10/19/2017 6:27:39 PM at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) 10/19/2017 6:27:39 PM at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) 10/19/2017 6:27:39 PM at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) 10/19/2017 6:27:39 PM--- End of stack trace from previous location where exception was thrown --- 10/19/2017 6:27:39 PM at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 10/19/2017 6:27:39 PM at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 10/19/2017 6:27:39 PM at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 10/19/2017 6:27:39 PM at Microsoft.AspNetCore.Server.Kestrel.Https.HttpsConnectionFilter.<OnConnectionAsync>d__6.MoveNext() 10/19/2017 6:27:39 PMdbug: Microsoft.AspNetCore.Server.Kestrel[10] 10/19/2017 6:27:39 PM Connection id "0HL8N93RRUEOO" disconnecting. 10/19/2017 6:27:39 PMdbug: Microsoft.AspNetCore.Server.Kestrel[7] 10/19/2017 6:27:39 PM Connection id "0HL8N93RRUEOO" sending FIN. 10/19/2017 6:27:39 PMdbug: Microsoft.AspNetCore.Server.Kestrel[8] 10/19/2017 6:27:39 PM Connection id "0HL8N93RRUEOO" sent FIN with status "0". 10/19/2017 6:27:39 PMdbug: Microsoft.AspNetCore.Server.Kestrel[2] 10/19/2017 6:27:39 PM Connection id "0HL8N93RRUEOO" stopped. 10/19/2017 6:27:48 PMdbug: Microsoft.AspNetCore.Server.Kestrel[1] 10/19/2017 6:27:48 PM Connection id "0HL8N93RRUEOP" started. 10/19/2017 6:27:48 PMinfo: HttpsConnectionFilter[1] 10/19/2017 6:27:48 PM Failed to authenticate HTTPS connection. 10/19/2017 6:27:48 PMSystem.IO.IOException: The handshake failed due to an unexpected packet format. 10/19/2017 6:27:48 PM at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) 10/19/2017 6:27:48 PM at System.Net.Security.SslState.PartialFrameCallback(AsyncProtocolRequest asyncRequest) 10/19/2017 6:27:48 PM--- End of stack trace from previous location where exception was thrown --- 10/19/2017 6:27:48 PM at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 10/19/2017 6:27:48 PM at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult) 10/19/2017 6:27:48 PM at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result) 10/19/2017 6:27:48 PM at System.Net.Security.SslStream.EndAuthenticateAsServer(IAsyncResult asyncResult) 10/19/2017 6:27:48 PM at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization) 10/19/2017 6:27:48 PM--- End of stack trace from previous location where exception was thrown --- 10/19/2017 6:27:48 PM at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() 10/19/2017 6:27:48 PM at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) 10/19/2017 6:27:48 PM at System.Runtime.CompilerServices.TaskAwaiter.GetResult() 10/19/2017 6:27:48 PM at Microsoft.AspNetCore.Server.Kestrel.Https.HttpsConnectionFilter.<OnConnectionAsync>d__6.MoveNext() 10/19/2017 6:27:48 PMdbug: Microsoft.AspNetCore.Server.Kestrel[10] 10/19/2017 6:27:48 PM Connection id "0HL8N93RRUEOP" disconnecting. 10/19/2017 6:27:48 PMdbug: Microsoft.AspNetCore.Server.Kestrel[7] 10/19/2017 6:27:48 PM Connection id "0HL8N93RRUEOP" sending FIN. 10/19/2017 6:27:48 PMdbug: Microsoft.AspNetCore.Server.Kestrel[8] 10/19/2017 6:27:48 PM Connection id "0HL8N93RRUEOP" sent FIN with status "0". 10/19/2017 6:27:48 PMdbug: Microsoft.AspNetCore.Server.Kestrel[2] 10/19/2017 6:27:48 PM Connection id "0HL8N93RRUEOP" stopped. 我的Program.cs:
public static void Main(string[] args) { Console.Title = "IdentityServer"; string certPass = Environment.GetEnvironmentVariable("CertificatePassword"); var host = new WebHostBuilder() .UseKestrel(options => { options.UseHttps(@"IdentityServer4Auth.pfx", certPass); }) .UseUrls("https://*:443") .UseContentRoot(Directory.GetCurrentDirectory()) .UseIISIntegration() .UseStartup<Startup>() .Build(); host.Run(); }
Dockerfile:
FROM microsoft/aspnetcore:1.1.2 ARG source WORKDIR /app COPY . . RUN curl -o **omitted** --insecure RUN echo **omitted** >> /etc/ca-certificates.conf && update-ca-certificates # Expose port 443 for the application. EXPOSE 443 ENTRYPOINT ["dotnet", "/app/USBIdentityServer.dll"]