Account

Running a .NET web app locally inside a container using Docker is super easy. Visual Studio does almost everything for you. It is not much more than right-clicking on your project and under Add selecting Docker Support. You get a Dockerfile that is ready to run. By default a self-signed certificate is added to use HTTPS in Docker locally, the only thing you need to do is accept the self-signed certificate.

Deploying to Azure is also easy, you can manage the certificates in your Web App and even use a free certificate. The only catch is that Azure handles the HTTPS, but your container doesn't have the certificate, it's handled by a proxy. Azure calls the container from the proxy using HTTP. 

cloud_azere_ssl_docker

The only issue you may encounter is that your container doesn't know that the request was made over HTTPS. You may notice this if you use, as in my case, a:

  • Request.Scheme
  • services.AddHsts (for the strict-transport-security header)
  • An AddProgressiveWebApp nuget such as WebEssentials.AspNetCore.PWA
  • External OAuth login provider

All of these won't start or start using HTTP, which we don't want. 

The solution for this is super simple. Add the following to your Program.cs or Startup.cs

app.UseForwardedHeaders(new ForwardedHeadersOptions
{
    ForwardedHeaders = ForwardedHeaders.XForwardedProto
});

It will pass the value of the original request scheme, HTTP or HTTPS, to your app inside the container. 

Comments


Register or login to leave a comment