2020-09-29 19:20:59 +01:00
|
|
|
# Setup dev certificates deploying to Docker Desktop
|
2020-09-28 23:35:30 +01:00
|
|
|
|
|
|
|
|
1. Create a self-signed certificate
|
|
|
|
|
2. Install certificates
|
|
|
|
|
3. Configure the services
|
|
|
|
|
|
|
|
|
|
## 1 - Create the self-signed certificate (`.pem + .key`) and its `.pfx` file
|
|
|
|
|
|
|
|
|
|
**From WSL**, run the `create-docker-certificate.sh` script with a strong password for the certificate.
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
./create-docker-certificate.sh "secure-COMPLEX-and-SECRET-password"
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
The script creates a certificate for both `host.docker.internal` and `localhost`.
|
|
|
|
|
|
|
|
|
|
### 2 - Install the certificates
|
|
|
|
|
|
|
|
|
|
Run the `install-docker-certificate.ps1` with the same password you used above:
|
|
|
|
|
|
|
|
|
|
```powershell
|
|
|
|
|
.\install-docker-certificate.ps1 "secure-COMPLEX-and-SECRET-password"
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
The above script:
|
|
|
|
|
|
|
|
|
|
1. Imports the certificate in the current user root CA store.
|
|
|
|
|
2. Copies the certificate files to the `%USERPROFILE%\.aspnet\https` folder. Servers will serve the certificate from this folder.
|
|
|
|
|
3. Copies the `.pem` file as `.crt` to the src\certificates folder to add it as a root CA when building the images for some services.
|
|
|
|
|
|
|
|
|
|
### 3 - Configure some services to serve the certificates
|
|
|
|
|
|
|
|
|
|
1. Copy the `src\docker-compose.certificates.sample.yaml` file as `src\docker-compose.certificates.yaml`
|
|
|
|
|
2. Configure the password you assigned to the certificates in the settings `ASPNETCORE_Kestrel__Certificates__Default__Password`
|
2020-09-29 19:20:59 +01:00
|
|
|
|
|
|
|
|
> **IMPORTANT**
|
|
|
|
|
>
|
|
|
|
|
> The `src\docker-compose.certificates.yaml` file is .gitignore'd to avoid pushing it to the repo with the certificate password.
|
|
|
|
|
>
|
|
|
|
|
> To avoid security risks, **DON'T FORCE PUSH the file**.
|
