Problem about gRPC in Docker and SSL

David-InnovTech 1 Reputation point
2020-03-16T15:12:35.437+00:00

Hello everybody,

I try to run gRPC server with SSL certificate in a docker container and it doesn't work.

With VS2019, I create a new project (gRPC Service / .Net Core 3.1), and when I run it (standalone mode), it works. After that, I generate a self-signed certificate (PFX format with password), update the code, and it's still working.

Now, I add the Docker support with DockerFile and Docker-Compose, and the gRPC server doesn't, I have the error message : Interop.Crypto.OpenSslCryptographicException
HResult=0x2006D080
Message=error:2006D080:BIO routines:BIO_new_file:no such file
Source=System.Security.Cryptography.X509Certificates.

And if I use a wrong password for the certificate, I have this error message :
Interop.Crypto.OpenSslCryptographicException
HResult=0x23076071
Message=error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure
Source=System.Security.Cryptography.X509Certificates

If you have any advice, I take it

Thanks!

Azure DevTest Labs
Azure DevTest Labs
An Azure service that is used for provisioning development and test environments.
256 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. kobulloc-MSFT 23,496 Reputation points Microsoft Employee
    2020-03-19T03:49:14.32+00:00

    This is more of a Docker specific question and outside my area of expertise but I'll do my best to point you in the right direction. My first recommendation would be to check out our documentation here:

    ASP.NET Core gRPC for WCF devleopers

    https://learn.microsoft.com/en-us/dotnet/architecture/grpc-for-wcf-developers/docker

    For a solution with a single application, and thus a single Dockerfile, it's simplest to put the Dockerfile in the base directory. In other words, put it in the same directory as the .sln file. In that case, to build the image, use the following docker build command from the directory containing the Dockerfile.

    And more specific to your scenario is a similar certificate issue:

    https://github.com/dotnet/dotnet-docker/issues/915

    If you are using the default dockerfile from visual studio this is the line you have to add: 

    ....  
FROM microsoft/dotnet:2.2-aspnetcore-runtime-nanoserver-1803 AS base  
USER ContainerAdministrator  
WORKDIR /app  
EXPOSE 80  
EXPOSE 443

    I wish I could be of more help, but hopefully that gets you pointed in the right direction.

    0 comments
  2. Yogi 346 Reputation points
    2021-05-13T15:09:55.897+00:00

    The error Interop.Crypto.OpenSslCryptographicException comes when the app does not get the ssl certificate on the path or the certificate is not valid. May be this article will help you ASP.NET Core APP with HTTPS in Docker.

    Moreover, in this ms docs there are details to create certificates of all types in powershell. You should definately try creating a one as they are doing it.

    0 comments