ayan.poddar/eShopOnContainers

History

Miguel Veloso f6cfffb85f Update certificates README

2020-09-29 19:20:59 +01:00

..

.gitignore

Final working version (docker-compose)

2020-09-28 23:35:30 +01:00

create-docker-certificate.sh

Final working version (docker-compose)

2020-09-28 23:35:30 +01:00

install-docker-certificate.ps1

Final working version (docker-compose)

2020-09-28 23:35:30 +01:00

README.md

Update certificates README

2020-09-29 19:20:59 +01:00

README.md

Setup dev certificates deploying to Docker Desktop

Create a self-signed certificate
Install certificates
Configure the services

1 - Create the self-signed certificate (`.pem + .key`) and its `.pfx` file

From WSL, run the create-docker-certificate.sh script with a strong password for the certificate.

./create-docker-certificate.sh "secure-COMPLEX-and-SECRET-password"

The script creates a certificate for both host.docker.internal and localhost.

2 - Install the certificates

Run the install-docker-certificate.ps1 with the same password you used above:

.\install-docker-certificate.ps1 "secure-COMPLEX-and-SECRET-password"

The above script:

Imports the certificate in the current user root CA store.
Copies the certificate files to the %USERPROFILE%\.aspnet\https folder. Servers will serve the certificate from this folder.
Copies the .pem file as .crt to the src\certificates folder to add it as a root CA when building the images for some services.

3 - Configure some services to serve the certificates

Copy the src\docker-compose.certificates.sample.yaml file as src\docker-compose.certificates.yaml
Configure the password you assigned to the certificates in the settings ASPNETCORE_Kestrel__Certificates__Default__Password

Important

The src\docker-compose.certificates.yaml file is .gitignore'd to avoid pushing it to the repo with the certificate password.

To avoid security risks, DON'T FORCE PUSH the file.