.net core docker how to access pfx certificate in code with httpclient? trying to access an external api from container which needs cert

旧街凉风 提交于 2021-01-29 08:14:42

问题


  1. This is how i use it my local machine. I use this pfx cert to fetch data from external API.
services.AddHttpClient("test", c =>{}).ConfigurePrimaryHttpMessageHandler(() => 
            {
                var handler = new HttpClientHandler
                {
                    ClientCertificateOptions = ClientCertificateOption.Manual,
                    SslProtocols = SslProtocols.Tls12
                }
            
               handler.ClientCertificates.Add(newX509Certificate2("pathtopfxcert", "pathtokey"));

               return handler;
            }
  1. But this piece of code throws an error as below when running inside RHEL Container
fail: Microsoft.AspNetCore.Server.Kestrel[13]
      Connection id "0HM47J1331JFT", Request id "0HM47J1331JFT:00000001": An unhandled exception was thrown by the application.
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
  1. How to fix this issue? Should i change the code ?

回答1:


When used inside a rhel image I needed to set

ENV WEBSITE_PRIVATE_CERTS_PATH="pathtopfxcert" 

in the dockerfile and copy .pfx cert to that same path using

COPY localpfxpath.px pathtopfxcert


来源:https://stackoverflow.com/questions/64822993/net-core-docker-how-to-access-pfx-certificate-in-code-with-httpclient-trying-t

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!