更新:这似乎是某种证书错误,因为我向API控制器添加了以下内容,并且可以进行调用:
[ApiController]
[Route("api/[controller]")]
public class MyController : ControllerBase
{
private HttpClientHandler handler = new HttpClientHandler();
private static HttpClient _httpClient;
public MyController()
{
handler.ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator;
_httpClient = new HttpClient(handler);
}
...
}
然而,我仍然不确定问题是什么,因为我应该能够使用自签名证书执行API调用。如何消除对HttpClientHandler.DangerousAcceptAnyServerCertificateValidator的需求?
原始
我正在开发一个面向Linux的.NET6webneneneba API Docker容器,而我的主机环境是Windows。当使用dotnet run本地运行并使用dotnet publish -c Release -o out和dotnet out/my-app.dll构建生产构建时,我可以访问所有端点。
然而,当我在docker容器中运行应用程序时,只有一个端点可以访问,而其他端点则出现404 Not Found错误:Error: The SSL connection could not be established, see inner exception.首先,其中是内部异常。我似乎在Chrome开发工具或API工具(Insomnia.rest(中找不到它。其次,我相信我已经正确配置了开发证书。
以下是我的步骤:
- 运行
dotnet dev-certs https --clean并检查certmgr.exe是否确实删除了证书,并在需要时删除 - 使用
dotnet dev-certs https -ep %USERPROFILE%.aspnethttpsaspnetapp.pfx -p {password here}创建新证书 - 使用
dotnet dev-certs https --trust信任证书
这是我的Dockerfile:
注意:我使用的是私人容器回购,但图像是Dockerhub上的普通图像。
FROM myprivaterepo/dotnet/sdk:6.0.202-bullseye-slim-amd64 AS build
WORKDIR /app
COPY *.csproj .
RUN dotnet restore
COPY . .
RUN dotnet publish -c Release -o out
FROM myprivaterepo/dotnet/aspnet:6.0.4-bullseye-slim-amd64
WORKDIR /app
EXPOSE 80
EXPOSE 443
EXPOSE 5000
EXPOSE 5001
ENV ASPNETCORE_URLS=https://+:5001;http://+:5000
COPY --from=build /app/out .
ENTRYPOINT ["dotnet", "mantis-server.dll"]
接下来我构建容器:docker build -t my-app .
然后,我运行应用程序:docker run --rm -it -p 5001:5001 -e ASPNETCORE_HTTPS_PORT=5001 -e ASPNETCORE_Kestrel__Certificates__Default__Password="password here" -e ASPNETCORE_Kestrel__Certificates__Default__Path=/https/aspnetapp.pfx -e ASPNETCORE_ENVIRONMENT=Development -v ~/.aspnet/https:/https:ro -v ~/devsecrets:/.microsoft/usersecrets my-app
共有三个端点:/api/weatherforecast、/api/users?userId=1和/api/cart?userId=1&cartId=1。我可以毫无问题地访问/api/weatherforecast,但其他两个端点导致Error: The SSL connection could not be established, see inner exception.
我不确定问题出在哪里。每个端点都由一个单独的控制器处理。《失眠》中有一条注释:* Re-using existing connection! (#10) with host localhost,但我不确定这意味着什么。
如果你需要更多信息,请告诉我。谢谢
我遇到了同样的问题,我在底部通过以下方式解决了它:
首先这是我的docker文件:
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["Shoppify.Market.App.Api/Shoppify.Market.App.Api.csproj", "Shoppify.Market.App.Api/"]
COPY ["Shoppify.Market.App.Infrastructure/Shoppify.Market.App.Infrastructure.csproj", "Shoppify.Market.App.Infrastructure/"]
COPY ["Shoppify.Market.App.Identity/Shoppify.Market.App.Identity.csproj", "Shoppify.Market.App.Identity/"]
COPY ["Shoppify.Market.App.Service/Shoppify.Market.App.Service.csproj", "Shoppify.Market.App.Service/"]
COPY ["Shoppify.Market.App.Persistence/Shoppify.Market.App.Persistence.csproj", "Shoppify.Market.App.Persistence/"]
COPY ["Shoppify.Market.App.Domain/Shoppify.Market.App.Domain.csproj", "Shoppify.Market.App.Domain/"]
RUN dotnet restore "Shoppify.Market.App.Api/Shoppify.Market.App.Api.csproj"
COPY . .
WORKDIR "/src/Shoppify.Market.App.Api"
RUN dotnet build "Shoppify.Market.App.Api.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "Shoppify.Market.App.Api.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
EXPOSE 5107
EXPOSE 7107
ENTRYPOINT ["dotnet", "Shoppify.Market.App.Api.dll"]
实际上,当你想将你的应用程序重定向到ssl端口时,你必须生成它的证书,因此在docker-compose.yml文件中执行,就像我一样:
version: '3.9'
services:
myapi:
build:
context: .
dockerfile: ./Dockerfile
ports:
- "5107:5107"
- "7107:7107"
volumes:
- ./Shoppify.Market.App.Api/appsettings.Development.json:/app/appsettings.json
- ./Shoppify.Market.App.Api/values.json:/app/values.json
- ~/.aspnet/https:/https:ro
depends_on:
- sqlserver
environment:
- ASPNETCORE_URLS=http://+:5107
- ASPNETCORE_HTTPS_PORT=https://+:7107
- ASPNETCORE_ENVIRONMENT=Development
#----------------------------------------------------------------------------
- ASPNETCORE_Kestrel__Certificates__Default__Password=12345678
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/aspnetapp.pfx
# dotnet dev-certs https -ep %USERPROFILE%.aspnethttpsaspnetapp.pfx -p { password here } AND THEN dotnet dev-certs https --trust
#-------------------------------------------------------------------------
sqlserver:
image: mcr.microsoft.com/mssql/server:2019-latest
environment:
SA_PASSWORD: "@Li12345678"
ACCEPT_EULA: "Y"
在";"环境";部分,并且最后两行(我的意思是->ASPNETCORE_Kestrel_Certificates_Default__Password和ASPNETCORE_Kestrel_Certifications_Default__Path(将生成证书。我的应用程序按此说明运行。不要忘记在cmd中运行此命令(dotnet dev certs https-ep%USERPROFILE%.aspnet\https\aspnetapp.pfx-p{password here}AND THEN dotnet dev-certs https--trust(
我希望我能解决你的问题。