While deploying and testing IoT and web applications, we need certificates. We usually end up using OpenSSL to generate strong certificates, and most guides (mostly Microsoft blogs) show how to get that done:
https://docs.microsoft.com/en-us/azure/iot-edge/how-to-create-test-certificates?view=iotedge-2018-06
https://docs.microsoft.com/en-us/aspnet/core/security/docker-https?view=aspnetcore-5.0
https://www.programmingwithwolfgang.com/asp-net-core-with-https-in-docker/
Recently, while working on a web deployment to IoT Edge containers, I was trying to secure the website with a self-signed certificate. It was all working fine locally. But strangely, when deployed to a container, the container started and shut down immediately.
After a bit of good old troubleshooting and isolating the problem, I realized that it works from my Windows machine and not from my Mac! To be specific, when the certificates were generated on the Mac, the container version of my website didn’t load. Why?
Windows had OpenSSL by default, whereas my Mac had LibreSSL by default, and the encryption on that didn’t help.
Facepalm moment...
“Ensure that you have proper libraries for SSL before you dockerize and copy certificates to your container.”
Though the blog shows that path, that is not ideal from a security standpoint. But I wanted to troubleshoot why the Kestrel-hosted website would not work inside the container, so I was trying to isolate the problem.
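One way to catch this before generating anything is a preflight check on the `openssl` binary found on PATH. This is an added example, not code from the linked repository or blogs; the function names `ssl_flavor` and `preflight_openssl` and the sample banners are made up for illustration.

```shell
#!/bin/sh
# Preflight check: confirm the `openssl` command on PATH is really OpenSSL
# and not LibreSSL (the macOS default) before generating certificates that
# will be copied into a container.

# Classify a version banner (the output of `openssl version`).
ssl_flavor() {
    case "$1" in
        LibreSSL*) echo libressl ;;
        OpenSSL*)  echo openssl ;;
        *)         echo unknown ;;
    esac
}

# Return 0 only when the toolkit is OpenSSL itself.
# $1 (optional) overrides the banner, so the logic can be exercised with
# constructed banners on a machine that has no openssl installed.
preflight_openssl() {
    banner=${1:-$(openssl version 2>/dev/null || true)}
    flavor=$(ssl_flavor "$banner")
    if [ "$flavor" = openssl ]; then
        echo "ok: $banner"
        return 0
    fi
    echo "refusing to generate certificates with: ${banner:-no openssl on PATH} ($flavor)" >&2
    return 1
}

# Constructed sample banners, in the shape each toolkit prints:
#   preflight_openssl "OpenSSL 1.1.1k  25 Mar 2021"   -> returns 0
#   preflight_openssl "LibreSSL 2.8.3"                -> returns 1
#
# Typical use at the top of a certificate-generation script:
#   preflight_openssl || exit 1
```

On a Mac, installing OpenSSL separately and putting it ahead of the system binary on PATH lets the check pass.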
Code Nuggets – https://github.com/logrcubed/EdgeWebAppSecure