Docker Community Forums

Share and learn in the Docker community.

Powershell cannot find file when run from dockerfile, but works when manually executed inside container

I am trying to set up SSL for a ASP.NET web application that is running in a docker for windows container. I am running on Windows 10.

Client: Docker Engine - Community
 Version:           19.03.8
 API version:       1.40
 Go version:        go1.12.17
 Git commit:        afacb8b
 Built:             Wed Mar 11 01:23:10 2020
 OS/Arch:           windows/amd64
 Experimental:      true

Server: Docker Engine - Community
  Version:          19.03.8
  API version:      1.40 (minimum version 1.24)
  Go version:       go1.12.17
  Git commit:       afacb8b
  Built:            Wed Mar 11 01:37:20 2020
  OS/Arch:          windows/amd64
  Experimental:     true

Below is my dockerfile:

FROM microsoft/aspnet:4.7.2-windowsservercore-1803
USER ContainerAdministrator


ARG source
WORKDIR /inetpub/wwwroot
COPY ${source:-obj/Docker/publish} .

RUN Add-WindowsFeature Web-Scripting-Tools

RUN Remove-WebSite -Name 'Default Web Site'

RUN New-Website -Name 'myApp' -IPAddress '*' -Port 443 -PhysicalPath C:\inetpub\wwwroot -ApplicationPool '.NET v4.5' -Ssl -SslFlags 0

#CMD ["powershell.exe", "-File", "AddCertificate.ps1"]

#RUN ["powershell", "C:\inetpub\wwwroot\AddCertificate.ps1"]

RUN powershell.exe -Command "\
   Import-Module IISAdministration; \
   Import-Module WebAdministration; \
  $pwd = ConvertTo-SecureString -String 'passw0rd!' -Force -AsPlainText; \

  # Import the certificate and store it in a variable to bind to later; \
 $cert = Import-PfxCertificate -Exportable -FilePath C:\inetpub\wwwroot\selfCert.pfx -CertStoreLocation cert:\localMachine\My -Password $pwd; \
  # Take the imported certificate and bind it to all traffic toward port 443 (you need to specify IP if you want multiple apps on 1 docker which I believe is ill-advised); \
  New-Item -Path IIS:\SslBindings\!443 -value $cert;"

Problem: Docker fails with the error that selfCert.pfx is not found.

I tried moving all these commands to a powershell script and tried running that too. Somehow docker/powershell cannot find my .ps1 file too.

When I connect to the container manually, I can see the files in the expected location. I can also execute .PS1 successfully. The problem occurs only when its executed from the dockerfile.

I tried USER ContainerAdministrator, also different ways of calling PowerShell with -Bypass -File but unable to run it from dockerfile.

Need some help in getting this run and identify why this is happening.


After struggling for quite long time, I am able to find out the root cause of this issue. There is one .dockerignore file within the same directory which is causing these file path related restriction. We would require to mention these relative path ignore syntax in the .dockerignore file.

I have used Publish solution feature in visual studio then copied the content from Publish folder to the container working directory through docker file.

Below steps have been followed:
1.In Visual Studio, Publish the application solution in Publish folder: /bin/Release/Publish .
2.In dockerfile, use COPY command to copy the items from Publish folder( /bin/Release/Publish/ )[ instead of docker folder ] to container working directory .[ Command: COPY /bin/Release/Publish/ . ]
3.Include the above relative path ignore syntax in .dockerignore file like !bin\Release\Publish.*
4.Specify the .pfx file path in the SSL import powershell command in the docker file. [Command: -FilePath C:\inetpub\wwwroot\selfCert.pfx OR -FilePath ./selfCert.pfx ]