Issue when creating self-signed certificate inside docker image

[vd3d]

Hi there,

I'm having an issue with my docker images, a month ago they worked well but I have done a minor change (HTML change, in a minor page) and try to rebuild a new docker image.

But when I deploy the docker image, I got the following error message:

System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
   at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
   at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IEnumerable`1 listenOptions, AddressBindContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.BindAsync(CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServerImpl.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
   at Microsoft.AspNetCore.Hosting.GenericWebHostService.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.Internal.Host.StartAsync(CancellationToken cancellationToken)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.RunAsync(IHost host, CancellationToken token)
   at Microsoft.Extensions.Hosting.HostingAbstractionsHostExtensions.Run(IHost host)

Here is a summary of the setup

I tried to build the docker image manually, and also automatically with my CI/CD (AzureDevOps). But both are producing the same error.
I checked for any change in GIT history... nothing.

Here is the DockerFile I use

### >>> GLOBALS
ARG ENVIRONMENT="Production"
ARG PROJECT="SmartPixel.SoCloze.Web"

# debian buster - AMD64
FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build

### >>> IMPORTS
ARG ENVIRONMENT
ARG PROJECT

ARG NUGET_CACHE=https://api.nuget.org/v3/index.json
ARG NUGET_FEED=https://api.nuget.org/v3/index.json

# Copy sources
COPY src/ /app/src
ADD common.props /app

WORKDIR /app

RUN apt-get update
RUN apt-get install curl
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash -
RUN apt-get install -y nodejs
RUN npm install /app/src/SmartPixel.Core.Blazor/

# Installs the required dependencies on top of the base image
# Publish a self-contained image
RUN apt-get update && apt-get install -y libgdiplus libc6-dev && dotnet dev-certs https --clean;\
    dotnet dev-certs https && dotnet dev-certs https --trust;\
    dotnet publish --self-contained --runtime linux-x64 -c Debug -o out src/${PROJECT};

# Execute

# Start a new image from aspnet runtime image
FROM mcr.microsoft.com/dotnet/sdk:5.0 AS runtime

### >>> IMPORTS
ARG ENVIRONMENT
ARG PROJECT

ENV ASPNETCORE_ENVIRONMENT=${ENVIRONMENT}
ENV ASPNETCORE_URLS="http://+:80;https://+:443;https://+:44390"	
ENV PROJECT="${PROJECT}.dll"

# Make logs a volume for persistence
VOLUME /app/Logs

# App directory
WORKDIR /app

# Copy our build from the previous stage in /app
COPY --from=build /app/out ./

RUN apt-get update && apt-get install -y ffmpeg libgdiplus libc6-dev

# Ports
EXPOSE 80
EXPOSE 443
EXPOSE 44390

# Execute
ENTRYPOINT dotnet ${PROJECT}

What is strange is that old images (> 1-month-old) are all working, but not when I rebuild them.

Here is also the docker compose file:

version: '3.3'
services:
  web:
    image: registry.gitlab.com/mycorp/socloze.web:1.1.1040
    volumes:
     - keys-vol:/root/.aspnet
     - logs-vol:/app/Logs
     - sitemap-vol:/data/sitemap/
    networks:
     - haproxy-net
     - socloze-net
    configs:
     -
      source: socloze-web-conf
      target: /app/appsettings.json
    logging:
      driver: json-file
    deploy:
      placement:
        constraints:
         - node.role == manager
networks:
  haproxy-net:
    external: true
  socloze-net:
    external: true
volumes:
  keys-vol:
    driver: local
    driver_opts:
      device: /data/socloze/web/keys
      o: bind
      type: none
  logs-vol:
    driver: local
    driver_opts:
      device: /data/socloze/web/logs
      o: bind
      type: none
  sitemap-vol:
    driver: local
    driver_opts:
      device: /data/sitemap
      o: bind
      type: none
configs:
  socloze-web-conf:
    external: true

What can be the cause if:

• old images are working perfectly
• new images are producing this error
• no code change, no change in the 'DockerFile'
• the OS is Debian, the Docker images system is Ubuntu

Do you have any idea? I'm searching for weeks about a solution!

[vd3d]

I have see this post too #6199 , with a solution by @Rick-Anderson , but honestly I do not know what to change, why it was working for a year and not anymore. Is there some breaking change in the .NET SDK or Docker or whatever.

Any idea is welcome.

Thanks

[a11delavar]

It just started to show up for me out of nowhere as well. I am also using a somewhat-similar architecture. The container with the identical image was working until last week and I have no idea what on my end, if anything, caused the problem. I also tried recreating the images and building new containers and had no luck.

@vd3d Have you had any success finding out what the root of the problem is and how to solve it?

[Rick-Anderson]

Have you looked at #6199 and #3310

@javiercn can you take a look?

[Rick-Anderson]

Thank you for contacting us. Due to a lack of activity on this discussion issue we're closing it in an effort to keep our backlog manageable. If you believe there is a concern which hasn't been addressed, please file a new issue.