Docker Community Forums

Share and learn in the Docker community.

Importing client SSL certificate when running a container using aspnetcore-runtime base

Good morning,

We are relatively new to Docker + containers and we’ve been tearing our hair out trying to work out how to do something that, on the face of it, seems relatively simple.

We have a dotnet core web api which uses Azure CosmosDB as our data store. For development purposes we are using the Azure CosmosDB emulator container as found here: https://hub.docker.com/r/microsoft/azure-cosmosdb-emulator/.

In order to use this you need to import the client certificate that is generated when the emulator is ran as a container. This works find when running the app locally - Import-Certificate with powershell and we’re good to go, but i can’t seem to find anyway to do this on our WebApi when running as a windows container.

This is the docker file we currently use to build the container:

FROM microsoft/dotnet:2.2-sdk as build

WORKDIR /app

COPY . .

RUN dotnet restore “src/Product/WebApi/WebApi.csproj” --configfile “build/nuget.config”

RUN dotnet publish “src/Product/WebApi/WebApi.csproj” -c Release -o /out

FROM microsoft/dotnet:2.2-aspnetcore-runtime AS runtime

WORKDIR /app

COPY --from=build /out .

ENTRYPOINT [ “dotnet”, “Geodesys.CaseMicroservice.WebApi.dll” ]

We are linking across to the the Azure Cosmos DB Emulator using a linked container for now, and i can ping it using the linked container alias. I have mapped a volume to my host where the certificates are generated so we have access to them within our container.

If we had powershell installed in the container (though we don’t want the bloat) but I can’t find a way to get this to work.

Anybody have any solutions for this?

Container A needs to install client certificate of app running on container B in order to make HTTP calls to container B.

Many thanks,

Joel.