question

DavidInnovTech-6076 avatar image
0 Votes"
DavidInnovTech-6076 asked ·

Problem about gRPC in Docker and SSL

Hello everybody,

I try to run gRPC server with SSL certificate in a docker container and it doesn't work.

With VS2019, I create a new project (gRPC Service / .Net Core 3.1), and when I run it (standalone mode), it works. After that, I generate a self-signed certificate (PFX format with password), update the code, and it's still working.

Now, I add the Docker support with DockerFile and Docker-Compose, and the gRPC server doesn't, I have the error message : Interop.Crypto.OpenSslCryptographicException
HResult=0x2006D080
Message=error:2006D080:BIO routines:BIO_new_file:no such file
Source=System.Security.Cryptography.X509Certificates
.

And if I use a wrong password for the certificate, I have this error message :
Interop.Crypto.OpenSslCryptographicException
HResult=0x23076071
Message=error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure
Source=System.Security.Cryptography.X509Certificates

If you have any advice, I take it

Thanks!

azure-devtestlabs
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

kobulloc-MSFT avatar image
0 Votes"
kobulloc-MSFT answered ·

This is more of a Docker specific question and outside my area of expertise but I'll do my best to point you in the right direction. My first recommendation would be to check out our documentation here:

ASP.NET Core gRPC for WCF devleopers

https://docs.microsoft.com/en-us/dotnet/architecture/grpc-for-wcf-developers/docker


For a solution with a single application, and thus a single Dockerfile, it's simplest to put the Dockerfile in the base directory. In other words, put it in the same directory as the .sln file. In that case, to build the image, use the following docker build command from the directory containing the Dockerfile.


And more specific to your scenario is a similar certificate issue:

https://github.com/dotnet/dotnet-docker/issues/915

If you are using the default dockerfile from visual studio this is the line you have to add:

 ....
 FROM microsoft/dotnet:2.2-aspnetcore-runtime-nanoserver-1803 AS base
 USER ContainerAdministrator
 WORKDIR /app
 EXPOSE 80
 EXPOSE 443


I wish I could be of more help, but hopefully that gets you pointed in the right direction.









· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.