david/net-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

update readme

Browse Source
This commit is contained in:
David Claeys
2025-04-03 16:38:10 +02:00
parent e2a8072b69
commit d5e008823f
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -74,16 +74,16 @@ docker build --build-arg CERT_PASSWORD=supersecretpassword . -t net-base
### Webserver and certificates ### Webserver and certificates
This images uses the system provided by Microsoft to generate a development certificate and uses the [Kestrel](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/?view=aspnetcore-9.0&tabs=windows) webserver.<br/> This images uses the system provided by Microsoft to generate a development certificate and uses the [Kestrel](https://learn.microsoft.com/en-us/aspnet/core/fundamentals/servers/?view=aspnetcore-9.0&tabs=windows) webserver.<br/>
In previous .NET versions it was not recommended to expose Kestrel directly to the internet, now Microsoft claims you can do that if you want so.<br/> In previous .NET versions it was not recommended to expose Kestrel directly to the internet, now Microsoft claims you can do that if you want so.
However you never should use the included development certificate included in this image when doing so.
However you never should use the included development certificate included in this image when doing so.<br/>
The certificate included by default (generated through the _dotnet dev-certs_ command) is not really suited for production environments.
If you want to directly expose the Kestrel webserver use the following environment variables to properly setup a certificate : If you want to directly expose the Kestrel webserver use the following environment variables to properly setup a certificate :
- **ASPNETCORE_Kestrel__Certificates__Default__Path** (the path to the certificate key) - **ASPNETCORE_Kestrel__Certificates__Default__Path** (the path to the certificate key)
- **ASPNETCORE_Kestrel__Certificates__Default__KeyPath** (the path to the certificate) - **ASPNETCORE_Kestrel__Certificates__Default__KeyPath** (the path to the certificate)
- **ASPNETCORE_Kestrel__Certificates__Default__Password** (the password for the key file) - **ASPNETCORE_Kestrel__Certificates__Default__Password** (the password for the key file)
The certificate included by default (generated through the _dotnet dev-certs_ command) is not really suited for production environments.
In practice it's much easier to expose the server through a proxy to the public (hence the recommended method). In practice it's much easier to expose the server through a proxy to the public (hence the recommended method).
Depending on your use-case you event might consider to use docker networking in order to accomplish proper isolation. Depending on your use-case you event might consider to use docker networking in order to accomplish proper isolation.