我正在开发一个NetCore Webapi,它使用证书来调用外部服务,在Windows上运行得很好,但在Linux上使用docker映像时,它找不到证书.
该映像是使用以下工具构建的:
FROM mcr.microsoft.com/dotnet/aspnet:5.0
WORKDIR /app
EXPOSE 80
# Copy csproj and restore as distinct layers
COPY "bin/Release/net5.0/linux-x64" ./
# set noninteractive installation
ENV DEBIAN_FRONTEND=noninteractive
COPY MyCertificate.crt /usr/local/share/ca-certificates/MyCertificate.crt
RUN update-ca-certificates
ENTRYPOINT ["dotnet", "MyApp.dll"]
输出正常:
Step 10/12 : COPY MyCertificate.crt /usr/local/share/ca-certificates/MyCertificate.crt
---> bfea272fa88d
Step 11/12 : RUN update-ca-certificates
---> Running in 4c3844714aea
Updating certificates in /etc/ssl/certs...
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
但是,当我运行或按 fingerprint 搜索证书时,我找不到它:
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
var certs = new StringBuilder();
foreach (X509Certificate2 certificate in store.Certificates)
{
certs.Append(certificate.Thumbprint);
}