我在Win10机器上使用LINUX容器运行dotnet core 2.1
我使用openssl创建了一个自签名CA并安装在docker机器中. Docker输出显示已添加CA.
当我在命令下运行时,它还会向我显示已安装的证书
awk -v cmd='openssl x509 -noout -subject' '/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt
但是,无法通过X509Store访问已安装的证书
using (var store = new X509Store(StoreName.CertificateAuthority,StoreLocation.LocalMachine))
{
store.Open(OpenFlags.ReadOnly);
Console.WriteLine($"LocalMachine-> CertificateAuthority-> Count: {store.Certificates.Count}");
foreach (var cert in store.Certificates)
{
Console.WriteLine($"cert: {cert}");
}
}
using (var store = new X509Store(StoreName.Root,StoreLocation.LocalMachine))
{
store.Open(OpenFlags.ReadOnly);
Console.WriteLine($"LocalMachine-> Root-> Count: {store.Certificates.Count}");
foreach (var cert in store.Certificates)
{
Console.WriteLine($"cert: {cert.IssuerName.Name}");
}
}
但我认为它应该是152.
这是我的docker文件
FROM microsoft/dotnet:2.1-runtime AS base
workdir /app
FROM microsoft/dotnet:2.1-sdk AS build
workdir /src
copY TestWebApp1/TestWebApp1.csproj TestWebApp1/
RUN dotnet restore TestWebApp1/TestWebApp1.csproj
copY . .
workdir /src/TestWebApp1
RUN dotnet build TestWebApp1.csproj -c Release -o /app
FROM build AS publish
RUN dotnet publish TestWebApp1.csproj -c Release -o /app
RUN ls -l
RUN ls certificate/
copY TestWebApp1/certificate/ca.crt /usr/share/ca-certificates/ca.crt
RUN echo ca.crt >> /etc/ca-certificates.conf
RUN ls /usr/local/share/ca-certificates/
RUN dpkg-reconfigure -p critical ca-certificates
RUN update-ca-certificates
RUN awk -v cmd='openssl x509 -noout -subject' '/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt
FROM base AS final
workdir /app
copY --from=publish /app .
ENTRYPOINT ["dotnet","TestWebApp1.dll"]
任何帮助,将不胜感激.
提前致谢.
最佳答案
