我有一个 Asp.net MVC 应用程序,我已将其容器化在 docker 中并部署在 Service fabric 上。该应用程序与 HTTP 完美配合,但在尝试启用 HTTPS 时,该服务会响应 无法安全连接到此页面 fabric 集群上安装了一个通配符证书。 DockerFile 看起来像
FROM mcr.microsoft.com/windows/servercore:1803
ARG source
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
WORKDIR /inetpub/wwwroot
COPY ${source} .
RUN Add-WindowsFeature Web-Server; `
Add-WindowsFeature NET-Framework-45-ASPNET; `
Add-WindowsFeature Web-Asp-Net45;
HEALTHCHECK --retries=5 --interval=100s --start-period=10s CMD curl --fail http://localhost || exit 1
EXPOSE 80
服务 list 有以下端点
<Resources>
<Endpoints>
<!-- This endpoint is used by the communication listener to obtain the port on which to
listen. Please note that if your service is partitioned, this port is shared with
replicas of different partitions that are placed in your code. -->
<Endpoint Name="BookingApiServiceTypeEndpoint" UriScheme="https" Protocol="https" Type="Input" Port="61650" />
</Endpoints></Resources>
应用程序 list 具有以下 ServiceManifestImport
<ServiceManifestImport>
<ServiceManifestRef ServiceManifestName="BookingApiServicePkg" ServiceManifestVersion="1.0.0" />
<ConfigOverrides />
<Policies>
<ContainerHostPolicies CodePackageRef="Code" AutoRemove="false" UseDefaultRepositoryCredentials="false" ContainersRetentionCount="2" RunInteractive="true">
<PortBinding ContainerPort="80" EndpointRef="BookingApiServiceTypeEndpoint" />
<HealthConfig IncludeDockerHealthStatusInSystemHealthReport="true" RestartContainerOnUnhealthyDockerHealthStatus="false"/>
</ContainerHostPolicies>
<EndpointBindingPolicy EndpointRef="BookingApiServiceTypeEndpoint" CertificateRef="HttpsCert" />
</Policies></ServiceManifestImport>
服务标签为
<Service Name="BookingApiService" ServiceDnsName="bookingapi.dutchhub.com" ServicePackageActivationMode="ExclusiveProcess">
<StatelessService ServiceTypeName="BookingApiServiceType" InstanceCount="1">
<SingletonPartition />
</StatelessService></Service>
证书标记为
<Certificates>
<EndpointCertificate X509FindValue="[HttpsCertThumbprint]" Name="HttpsCert"/> </Certificates>
最佳答案
- 将您的
PortBinding更改为目标端口 443 - 配置 IIS 以使用端口 443 和有效证书
- 更改您的 dockerfile 以公开端口 443
- 在负载均衡器上打开端口 443
更多信息在 this walkthrough
关于asp.net-mvc - Service fabric 上的 https 请求返回 "Can’ t 安全连接到此页面”,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/57200420/