.net core docker how to access pfx certificate in code with httpclient? trying to access an external api from container which needs cert

问题

1. This is how i use it my local machine. I use this pfx cert to fetch data from external API.

services.AddHttpClient("test", c =>{}).ConfigurePrimaryHttpMessageHandler(() => 
            {
                var handler = new HttpClientHandler
                {
                    ClientCertificateOptions = ClientCertificateOption.Manual,
                    SslProtocols = SslProtocols.Tls12
                }
            
               handler.ClientCertificates.Add(newX509Certificate2("pathtopfxcert", "pathtokey"));

               return handler;
            }

2. But this piece of code throws an error as below when running inside RHEL Container

fail: Microsoft.AspNetCore.Server.Kestrel[13]
      Connection id "0HM47J1331JFT", Request id "0HM47J1331JFT:00000001": An unhandled exception was thrown by the application.
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)

3. How to fix this issue? Should i change the code ?

回答1:

When used inside a rhel image I needed to set

ENV WEBSITE_PRIVATE_CERTS_PATH="pathtopfxcert" 

in the dockerfile and copy .pfx cert to that same path using

COPY localpfxpath.px pathtopfxcert

来源：https://stackoverflow.com/questions/64822993/net-core-docker-how-to-access-pfx-certificate-in-code-with-httpclient-trying-t