- ABP Framework version: 8.3.2
- UI Type: Blazor Server
- Database System: EF Core (PostgreSQL)
- Tiered (for MVC) or Auth Server Separated (for Angular): no
- Exception message and full stack trace:
[19:30:13 FTL] Host terminated unexpectedly!
Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.3.2.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details.
---> System.IO.FileNotFoundException: Signing Certificate couldn't found: openiddict.pfx
at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilderExtensions.AddProductionEncryptionAndSigningCertificate(OpenIddictServerBuilder builder, String fileName, String passPhrase)
at AlMudir.Blazor.AlMudirBlazorModule.<>c.<PreConfigureServices>b__0_4(OpenIddictServerBuilder serverBuilder) in /src/src/AlMudir.Blazor/AlMudirBlazorModule.cs:line 137
at Volo.Abp.Options.PreConfigureActionList
1.Configure(TOptions options) at Microsoft.Extensions.DependencyInjection.ServiceCollectionPreConfigureExtensions.ExecutePreConfiguredActions[TOptions](IServiceCollection services, TOptions options) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.<>c__DisplayClass1_0.<AddOpenIddictServer>b__0(OpenIddictServerBuilder builder) at Microsoft.Extensions.DependencyInjection.OpenIddictServerExtensions.AddServer(OpenIddictBuilder builder, Action
1 configuration) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.AddOpenIddictServer(IServiceCollection services) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.ConfigureServices(ServiceConfigurationContext context) at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context) at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() --- End of inner exception stack trace --- at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() at Volo.Abp.AbpApplicationFactory.CreateAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action
1 optionsAction) at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action`1 optionsAction) at AlMudir.Blazor.Program.Main(String[] args) in /src/src/AlMudir.Blazor/Program.cs:line 36 [19:30:14 INF] Starting web host. - Steps to reproduce the issue:
Hello ABP Support team,
I'm currently trying to deploy an ABP application using Docker, and I'm encountering some challenges with the certificate configuration.
Environment details:
- Using Coolify as a Docker container management platform
- Deploying via docker-compose
- Non-tiered Blazor Server application
- PostgreSQL database with EF Core
Current issues: The main problem appears to be related to the certificate configuration. Despite following the documentation and trying various approaches, I'm unable to get the application running properly in the Docker environment.
My docker-compose configuration includes: `version: '3.8'
services:
almudir-blazor:
image: ${REGISTRY:-ghcr.io}/${GITHUB_REPOSITORY:-fuutu-company/almudir}/blazor:${TAG:-latest}
container_name: almudir-blazor
environment:
- ASPNETCORE_URLS=https://+:443;http://+:80
- Kestrel__Certificates__Default__Path=/app/openiddict.pfx
- Kestrel__Certificates__Default__Password=*****
- App__SelfUrl=${APP_URL:-https://localhost:44314}
- AuthServer__RequireHttpsMetadata=false
- AuthServer__Authority=${AUTH_SERVER_URL:-https://localhost:44314}
- ConnectionStrings__Default=${DB_CONNECTION_STRING}
- OpenIddict__SigningCertificate__Path=/app/openiddict.pfx
- OpenIddict__SigningCertificate__Password=*****
- ASPNETCORE_ENVIRONMENT=${ASPNETCORE_ENVIRONMENT:-Development}
ports:
- "${PORT:-44314}:443"
restart: on-failure
depends_on:
db-migrator:
condition: service_completed_successfully
networks:
- almudir-network
db-migrator: image: ${REGISTRY:-ghcr.io}/${GITHUB_REPOSITORY:-fuutu-company/almudir}/db-migrator:${TAG:-latest} container_name: almudir-db-migrator restart: "no" deploy: replicas: 1 restart_policy: condition: none environment: - OpenIddict__Applications__AlMudir_Blazor__RootUrl=${APP_URL:-https://localhost:44314} - ConnectionStrings__Default=${DB_CONNECTION_STRING} networks: - almudir-network
networks: almudir-network: name: ${NETWORK_NAME:-almudir-network} driver: bridge
`
PreConfigureServices: ` public override void PreConfigureServices(ServiceConfigurationContext context) { var hostingEnvironment = context.Services.GetHostingEnvironment(); var configuration = context.Services.GetConfiguration();
var tenantUrl = "https://{0}." + configuration["App:TenantUrl"];
PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
{
options.EnableWildcardDomainSupport = true;
options.WildcardDomainsFormat.Add(tenantUrl);
});
context.Services.PreConfigure<AbpMvcDataAnnotationsLocalizationOptions>(options =>
{
options.AddAssemblyResource(
typeof(AlMudirResource),
typeof(AlMudirDomainModule).Assembly,
typeof(AlMudirDomainSharedModule).Assembly,
typeof(AlMudirApplicationModule).Assembly,
typeof(AlMudirApplicationContractsModule).Assembly,
typeof(AlMudirBlazorModule).Assembly
);
});
PreConfigure<OpenIddictBuilder>(builder =>
{
builder.AddValidation(options =>
{
options.AddAudiences("AlMudir");
options.UseLocalServer();
options.UseAspNetCore();
});
});
if (!hostingEnvironment.IsDevelopment())
{
PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
{
options.AddDevelopmentEncryptionAndSigningCertificate = false;
});
PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
{
serverBuilder.AddProductionEncryptionAndSigningCertificate(
"/app/openiddict.pfx",
"a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e"
);
});
}
}`
src\AlMudir.Blazor\Dockerfile.local: FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build WORKDIR /src
ARG ABP_API_KEY
RUN dotnet nuget add source "https://nuget.abp.io/${ABP_API_KEY}/v3/index.json"
--name "ABP Commercial"
--store-password-in-clear-text
COPY . .
RUN dotnet dev-certs https -v -ep openiddict.pfx -p a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e
RUN dotnet publish "src/AlMudir.Blazor/AlMudir.Blazor.csproj" -c Release -o /app/publish
RUN cp openiddict.pfx /app/publish/
FROM mcr.microsoft.com/dotnet/sdk:8.0 AS final WORKDIR /app COPY --from=build /app/publish . ENTRYPOINT ["dotnet", "AlMudir.Blazor.dll"]
src\AlMudir.DbMigrator\Dockerfile.local: FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build WORKDIR /src
ARG ABP_API_KEY
RUN dotnet nuget add source "https://nuget.abp.io/${ABP_API_KEY}/v3/index.json"
--name "ABP Commercial"
--store-password-in-clear-text
COPY . .
RUN dotnet publish "src/AlMudir.DbMigrator/AlMudir.DbMigrator.csproj" -c Release -o /app/publish
FROM mcr.microsoft.com/dotnet/runtime:8.0 WORKDIR /app COPY --from=build /app/publish . ENTRYPOINT ["dotnet", "AlMudir.DbMigrator.dll"]
by git workflow to create my images: name: Docker Build and Deploy
on: push: branches: [ "main" ] tags: [ 'v*..' ] pull_request: branches: [ "main" ]
env: REGISTRY: ghcr.io BLAZOR_IMAGE_NAME: fuutu-company/almudir/blazor MIGRATOR_IMAGE_NAME: fuutu-company/almudir/db-migrator
jobs: build: runs-on: ubuntu-latest permissions: contents: read packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup .NET
uses: actions/setup-dotnet@v3
with:
dotnet-version: '8.0.x'
- name: Configure ABP NuGet Source
run: |
dotnet nuget add source https://nuget.abp.io/${{ secrets.ABP_API_KEY }}/v3/index.json -n "ABP Commercial"
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Build und Push Blazor
- name: Build and Push Blazor
env:
ABP_API_KEY: ${{ secrets.ABP_API_KEY }}
run: |
# Generiere das Zertifikat
dotnet dev-certs https -v -ep openiddict.pfx -p **********
# Kopiere das Zertifikat in das Projektverzeichnis
cp openiddict.pfx src/AlMudir.Blazor/
# Build Docker Image
docker build \
--build-arg ABP_API_KEY=$ABP_API_KEY \
-f src/AlMudir.Blazor/Dockerfile.local \
-t ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:latest \
-t ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:${{ github.sha }} .
docker push ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:latest
docker push ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:${{ github.sha }}
# Build und Push DbMigrator
- name: Build and Push DbMigrator
env:
ABP_API_KEY: ${{ secrets.ABP_API_KEY }}
run: |
docker build \
--build-arg ABP_API_KEY=$ABP_API_KEY \
-f src/AlMudir.DbMigrator/Dockerfile.local \
-t ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:latest \
-t ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:${{ github.sha }} .
docker push ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:latest
docker push ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:${{ github.sha }}
if you need to check my code i can give you access to it.
1 Answer(s)
-
0
Hi,
Signing Certificate couldn't found: openiddict.pfx
You should put the
openiddict.pfx
in the right place.try
PreConfigure<OpenIddictServerBuilder>(serverBuilder => { serverBuilder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment, configuration)); serverBuilder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment, configuration)); }); private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv, IConfiguration configuration) { var fileName = "authserver.pfx"; var passPhrase = "a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e"; var file = Path.Combine(hostingEnv.ContentRootPath, fileName); if (!File.Exists(file)) { throw new FileNotFoundException($"Signing Certificate couldn't found: {file}"); } return new X509Certificate2(file, passPhrase); }