Aspnet website in docker in windows, IIS and self-signed certificate

The application is hosted in a docker container. The actual folder with the app publish, is mapped into the container, so when the code changes it’s inmediatly reflected in the running container.



SHELL [ "powershell" ]

COPY src/Bustroker.LocalEnv.WebUI/bin/app.publish c:/webapp

ADD configureIIS.ps1 /windows/temp/configureIIS.ps1
RUN powershell.exe -executionpolicy bypass c:\windows\temp\configureIIS.ps1

Configure IIS script

configureIIS.ps1 script, copied into the image on build.

# Configure SSL certificate for default website
Import-Module WebAdministration
Set-Location IIS:\SslBindings
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
$c = New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation cert:\LocalMachine\My
$c | New-Item!443

New-WebApplication -Site 'Default Web Site' -Name 'webapp' -PhysicalPath 'C:\webapp'

# Set full access to app folder for default app pool. This is required if the app folder is being mapped to the host rather than copying the content to the container.
$path = "C:\webapp"  
$user = "IIS AppPool\DefaultAppPool"  
$acl = Get-Acl $path  
$accessRule = New-Object$User,"FullControl", "ContainerInherit,ObjectInherit", "None", "Allow")  
Set-Acl $path $acl 

Docker compose

Instead of copying the app, the folder is being mapped to host’s folder. Better approach for development.

version: '3.8'
    build: .
      - "80:80"
      - "443:443"
      - ./src/Bustroker.WebUI/bin/app.publish:C:/webapp


Compile and publish the site file system, e.g., to default folder bin/app.publish. Then run

docker-compose up -d --build

Browse to http://localhost/webapp, or to https://localhost/webapp. There is of course the warning This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store.