Open Closed

Deployment Blazor Server simple application #8287


User avatar
0
bellajyrinurmi created
  • ABP Framework version: 8.3.2
  • UI Type: Blazor Server
  • Database System: EF Core (PostgreSQL)
  • Tiered (for MVC) or Auth Server Separated (for Angular): no
  • Exception message and full stack trace: [19:30:13 FTL] Host terminated unexpectedly! Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.3.2.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.IO.FileNotFoundException: Signing Certificate couldn't found: openiddict.pfx at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilderExtensions.AddProductionEncryptionAndSigningCertificate(OpenIddictServerBuilder builder, String fileName, String passPhrase) at AlMudir.Blazor.AlMudirBlazorModule.<>c.<PreConfigureServices>b__0_4(OpenIddictServerBuilder serverBuilder) in /src/src/AlMudir.Blazor/AlMudirBlazorModule.cs:line 137 at Volo.Abp.Options.PreConfigureActionList1.Configure(TOptions options) at Microsoft.Extensions.DependencyInjection.ServiceCollectionPreConfigureExtensions.ExecutePreConfiguredActions[TOptions](IServiceCollection services, TOptions options) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.<>c__DisplayClass1_0.<AddOpenIddictServer>b__0(OpenIddictServerBuilder builder) at Microsoft.Extensions.DependencyInjection.OpenIddictServerExtensions.AddServer(OpenIddictBuilder builder, Action1 configuration) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.AddOpenIddictServer(IServiceCollection services) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.ConfigureServices(ServiceConfigurationContext context) at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context) at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() --- End of inner exception stack trace --- at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() at Volo.Abp.AbpApplicationFactory.CreateAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action`1 optionsAction) at AlMudir.Blazor.Program.Main(String[] args) in /src/src/AlMudir.Blazor/Program.cs:line 36 [19:30:14 INF] Starting web host.
  • Steps to reproduce the issue:

Hello ABP Support team,

I'm currently trying to deploy an ABP application using Docker, and I'm encountering some challenges with the certificate configuration.

Environment details:

  • Using Coolify as a Docker container management platform
  • Deploying via docker-compose
  • Non-tiered Blazor Server application
  • PostgreSQL database with EF Core

Current issues: The main problem appears to be related to the certificate configuration. Despite following the documentation and trying various approaches, I'm unable to get the application running properly in the Docker environment.

My docker-compose configuration includes: `version: '3.8'

services: almudir-blazor: image: ${REGISTRY:-ghcr.io}/${GITHUB_REPOSITORY:-fuutu-company/almudir}/blazor:${TAG:-latest} container_name: almudir-blazor environment: - ASPNETCORE_URLS=https://+:443;http://+:80 - Kestrel__Certificates__Default__Path=/app/openiddict.pfx - Kestrel__Certificates__Default__Password=***** - App__SelfUrl=${APP_URL:-https://localhost:44314} - AuthServer__RequireHttpsMetadata=false
- AuthServer__Authority=${AUTH_SERVER_URL:-https://localhost:44314} - ConnectionStrings__Default=${DB_CONNECTION_STRING} - OpenIddict__SigningCertificate__Path=/app/openiddict.pfx - OpenIddict__SigningCertificate__Password=***** - ASPNETCORE_ENVIRONMENT=${ASPNETCORE_ENVIRONMENT:-Development} ports: - "${PORT:-44314}:443" restart: on-failure depends_on: db-migrator: condition: service_completed_successfully networks: - almudir-network

db-migrator: image: ${REGISTRY:-ghcr.io}/${GITHUB_REPOSITORY:-fuutu-company/almudir}/db-migrator:${TAG:-latest} container_name: almudir-db-migrator restart: "no" deploy: replicas: 1 restart_policy: condition: none environment: - OpenIddict__Applications__AlMudir_Blazor__RootUrl=${APP_URL:-https://localhost:44314} - ConnectionStrings__Default=${DB_CONNECTION_STRING} networks: - almudir-network

networks: almudir-network: name: ${NETWORK_NAME:-almudir-network} driver: bridge

`

PreConfigureServices: ` public override void PreConfigureServices(ServiceConfigurationContext context) { var hostingEnvironment = context.Services.GetHostingEnvironment(); var configuration = context.Services.GetConfiguration();

    var tenantUrl = "https://{0}." + configuration["App:TenantUrl"];
    PreConfigure&lt;AbpOpenIddictWildcardDomainOptions&gt;(options =>
    {
        options.EnableWildcardDomainSupport = true;
        options.WildcardDomainsFormat.Add(tenantUrl);
    });

    context.Services.PreConfigure&lt;AbpMvcDataAnnotationsLocalizationOptions&gt;(options =>
    {
        options.AddAssemblyResource(
            typeof(AlMudirResource),
            typeof(AlMudirDomainModule).Assembly,
            typeof(AlMudirDomainSharedModule).Assembly,
            typeof(AlMudirApplicationModule).Assembly,
            typeof(AlMudirApplicationContractsModule).Assembly,
            typeof(AlMudirBlazorModule).Assembly
        );
    });

    PreConfigure&lt;OpenIddictBuilder&gt;(builder =>
    {
        builder.AddValidation(options =>
        {
            options.AddAudiences("AlMudir");
            options.UseLocalServer();
            options.UseAspNetCore();
        });
    });

    if (!hostingEnvironment.IsDevelopment())
    {
        PreConfigure&lt;AbpOpenIddictAspNetCoreOptions&gt;(options =>
        {
            options.AddDevelopmentEncryptionAndSigningCertificate = false;
        });

        PreConfigure&lt;OpenIddictServerBuilder&gt;(serverBuilder =>
        {
            serverBuilder.AddProductionEncryptionAndSigningCertificate(
                "/app/openiddict.pfx", 
                "a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e"
            );
        });
    }
}`

src\AlMudir.Blazor\Dockerfile.local: FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build WORKDIR /src

ARG ABP_API_KEY RUN dotnet nuget add source "https://nuget.abp.io/${ABP_API_KEY}/v3/index.json"
--name "ABP Commercial"
--store-password-in-clear-text

COPY . .

RUN dotnet dev-certs https -v -ep openiddict.pfx -p a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e

RUN dotnet publish "src/AlMudir.Blazor/AlMudir.Blazor.csproj" -c Release -o /app/publish

RUN cp openiddict.pfx /app/publish/

FROM mcr.microsoft.com/dotnet/sdk:8.0 AS final WORKDIR /app COPY --from=build /app/publish . ENTRYPOINT ["dotnet", "AlMudir.Blazor.dll"]

src\AlMudir.DbMigrator\Dockerfile.local: FROM mcr.microsoft.com/dotnet/sdk:8.0 AS build WORKDIR /src

ARG ABP_API_KEY RUN dotnet nuget add source "https://nuget.abp.io/${ABP_API_KEY}/v3/index.json"
--name "ABP Commercial"
--store-password-in-clear-text

COPY . .

RUN dotnet publish "src/AlMudir.DbMigrator/AlMudir.DbMigrator.csproj" -c Release -o /app/publish

FROM mcr.microsoft.com/dotnet/runtime:8.0 WORKDIR /app COPY --from=build /app/publish . ENTRYPOINT ["dotnet", "AlMudir.DbMigrator.dll"]

by git workflow to create my images: name: Docker Build and Deploy

on: push: branches: [ "main" ] tags: [ 'v*..' ] pull_request: branches: [ "main" ]

env: REGISTRY: ghcr.io BLAZOR_IMAGE_NAME: fuutu-company/almudir/blazor MIGRATOR_IMAGE_NAME: fuutu-company/almudir/db-migrator

jobs: build: runs-on: ubuntu-latest permissions: contents: read packages: write

steps:
  - name: Checkout repository
    uses: actions/checkout@v4

  - name: Setup .NET
    uses: actions/setup-dotnet@v3
    with:
      dotnet-version: '8.0.x'
      
  - name: Configure ABP NuGet Source
    run: |
      dotnet nuget add source https://nuget.abp.io/${{ secrets.ABP_API_KEY }}/v3/index.json -n "ABP Commercial"

  - name: Login to GitHub Container Registry
    uses: docker/login-action@v3
    with:
      registry: ${{ env.REGISTRY }}
      username: ${{ github.actor }}
      password: ${{ secrets.GITHUB_TOKEN }}

  # Build und Push Blazor
  - name: Build and Push Blazor
    env:
      ABP_API_KEY: ${{ secrets.ABP_API_KEY }}
    run: |
      # Generiere das Zertifikat
      dotnet dev-certs https -v -ep openiddict.pfx -p **********
      
      # Kopiere das Zertifikat in das Projektverzeichnis
      cp openiddict.pfx src/AlMudir.Blazor/
      
      # Build Docker Image
      docker build \
        --build-arg ABP_API_KEY=$ABP_API_KEY \
        -f src/AlMudir.Blazor/Dockerfile.local \
        -t ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:latest \
        -t ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:${{ github.sha }} .
      docker push ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:latest
      docker push ${{ env.REGISTRY }}/${{ env.BLAZOR_IMAGE_NAME }}:${{ github.sha }}

  # Build und Push DbMigrator
  - name: Build and Push DbMigrator
    env:
      ABP_API_KEY: ${{ secrets.ABP_API_KEY }}
    run: |
      docker build \
        --build-arg ABP_API_KEY=$ABP_API_KEY \
        -f src/AlMudir.DbMigrator/Dockerfile.local \
        -t ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:latest \
        -t ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:${{ github.sha }} .
      docker push ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:latest
      docker push ${{ env.REGISTRY }}/${{ env.MIGRATOR_IMAGE_NAME }}:${{ github.sha }}

if you need to check my code i can give you access to it.


23 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Signing Certificate couldn't found: openiddict.pfx

    You should put the openiddict.pfx in the right place.

    try

    
    PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
    {
        serverBuilder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment, configuration));
        serverBuilder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment, configuration));
    });
    
    private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv, IConfiguration configuration)
    {
        var fileName = "authserver.pfx";
        var passPhrase = "a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e";
        var file = Path.Combine(hostingEnv.ContentRootPath, fileName);
    
        if (!File.Exists(file))
        {
            throw new FileNotFoundException($"Signing Certificate couldn't found: {file}");
        }
    
        return new X509Certificate2(file, passPhrase);
    }
    
  • User Avatar
    0
    bellajyrinurmi created

    Hi,

    Signing Certificate couldn't found: openiddict.pfx

    You should put the openiddict.pfx in the right place.

    try

     
    PreConfigure<OpenIddictServerBuilder>(serverBuilder => 
    { 
        serverBuilder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment, configuration)); 
        serverBuilder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment, configuration)); 
    }); 
     
    private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv, IConfiguration configuration) 
    { 
        var fileName = "authserver.pfx"; 
        var passPhrase = "a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e"; 
        var file = Path.Combine(hostingEnv.ContentRootPath, fileName); 
     
        if (!File.Exists(file)) 
        { 
            throw new FileNotFoundException($"Signing Certificate couldn't found: {file}"); 
        } 
     
        return new X509Certificate2(file, passPhrase); 
    } 
    

    i change it to: ` public override void PreConfigureServices(ServiceConfigurationContext context) { var hostingEnvironment = context.Services.GetHostingEnvironment(); var configuration = context.Services.GetConfiguration();

        var tenantUrl = "https://{0}." + configuration["App:TenantUrl"];
        PreConfigure<AbpOpenIddictWildcardDomainOptions>(options =>
        {
            options.EnableWildcardDomainSupport = true;
            options.WildcardDomainsFormat.Add(tenantUrl);
        });
    
        context.Services.PreConfigure<AbpMvcDataAnnotationsLocalizationOptions>(options =>
        {
            options.AddAssemblyResource(
                typeof(AlMudirResource),
                typeof(AlMudirDomainModule).Assembly,
                typeof(AlMudirDomainSharedModule).Assembly,
                typeof(AlMudirApplicationModule).Assembly,
                typeof(AlMudirApplicationContractsModule).Assembly,
                typeof(AlMudirBlazorModule).Assembly
            );
        });
    
        PreConfigure<OpenIddictBuilder>(builder =>
        {
            builder.AddValidation(options =>
            {
                options.AddAudiences("AlMudir");
                options.UseLocalServer();
                options.UseAspNetCore();
            });
        });
    
        if (!hostingEnvironment.IsDevelopment())
        {
            PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
            {
                options.AddDevelopmentEncryptionAndSigningCertificate = false;
            });
    
            PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
            {
                serverBuilder.AddSigningCertificate(GetSigningCertificate(hostingEnvironment, configuration));
                serverBuilder.AddEncryptionCertificate(GetSigningCertificate(hostingEnvironment, configuration));
                /* serverBuilder.AddProductionEncryptionAndSigningCertificate(
                    "/app/openiddict.pfx", 
                    "a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e"
                ); */
            });
        }
    }
    
    private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv, IConfiguration configuration)
    {
        var fileName = "authserver.pfx";
        var passPhrase = "a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e";
        var file = Path.Combine(hostingEnv.ContentRootPath, fileName);
    
        if (!File.Exists(file))
        {
            throw new FileNotFoundException($"Signing Certificate couldn't found: {file}");
        }
    
        return new X509Certificate2(file, passPhrase);
    }`
    

    but have still same problem

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    What is the error message now

  • User Avatar
    0
    bellajyrinurmi created

    What is the error message now

    still same error : [09:02:16 FTL] Host terminated unexpectedly! Volo.Abp.AbpInitializationException: An error occurred during ConfigureServicesAsync phase of the module Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule, Volo.Abp.OpenIddict.AspNetCore, Version=8.3.2.0, Culture=neutral, PublicKeyToken=null. See the inner exception for details. ---> System.IO.FileNotFoundException: Signing Certificate couldn't found: openiddict.pfx at Microsoft.Extensions.DependencyInjection.OpenIddictServerBuilderExtensions.AddProductionEncryptionAndSigningCertificate(OpenIddictServerBuilder builder, String fileName, String passPhrase) at AlMudir.Blazor.AlMudirBlazorModule.<>c.<PreConfigureServices>b__0_4(OpenIddictServerBuilder serverBuilder) in /src/src/AlMudir.Blazor/AlMudirBlazorModule.cs:line 137 at Volo.Abp.Options.PreConfigureActionList1.Configure(TOptions options) at Microsoft.Extensions.DependencyInjection.ServiceCollectionPreConfigureExtensions.ExecutePreConfiguredActions[TOptions](IServiceCollection services, TOptions options) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.<>c__DisplayClass1_0.<AddOpenIddictServer>b__0(OpenIddictServerBuilder builder) at Microsoft.Extensions.DependencyInjection.OpenIddictServerExtensions.AddServer(OpenIddictBuilder builder, Action1 configuration) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.AddOpenIddictServer(IServiceCollection services) at Volo.Abp.OpenIddict.AbpOpenIddictAspNetCoreModule.ConfigureServices(ServiceConfigurationContext context) at Volo.Abp.Modularity.AbpModule.ConfigureServicesAsync(ServiceConfigurationContext context) at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() --- End of inner exception stack trace --- at Volo.Abp.AbpApplicationBase.ConfigureServicesAsync() at Volo.Abp.AbpApplicationFactory.CreateAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.ServiceCollectionApplicationExtensions.AddApplicationAsync[TStartupModule](IServiceCollection services, Action1 optionsAction) at Microsoft.Extensions.DependencyInjection.WebApplicationBuilderExtensions.AddApplicationAsync[TStartupModule](WebApplicationBuilder builder, Action1 optionsAction) at AlMudir.Blazor.Program.Main(String[] args) in /src/src/AlMudir.Blazor/Program.cs:line 36`

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    you can check the published files to make sure openiddict.pfx file is exists

  • User Avatar
    0
    bellajyrinurmi created

    Hi,

    you can check the published files to make sure openiddict.pfx file is exists

    Hi, i checkt the server its not there. Then i just published it locally to check it and it's also not there.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    First , generate openiddict.pfx in the project folder and make sure it is copied to the published folder always.

  • User Avatar
    0
    bellajyrinurmi created

    Hi,

    First , generate openiddict.pfx in the project folder and make sure it is copied to the published folder always.

    Hi, i dont have the API.Host projekt.

    And how do i generate the openiddict.pfx ?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    dotnet dev-certs https -v -ep openiddict.pfx -p a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e

  • User Avatar
    0
    bellajyrinurmi created

    dotnet dev-certs https -v -ep openiddict.pfx -p a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e

    ok but in which project? i dont have the API.Host project.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    The image just an example, should be .Blazor project for your case

  • User Avatar
    0
    bellajyrinurmi created

    Ok i did it but get still the same error.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    if you published it locally, will it work?

  • User Avatar
    0
    bellajyrinurmi created

    No, it's also not there. Do you have maybe a example repo where its working with my type of Project and deploy to docker?

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    It is already pre-built into the project

    abp new Testapp --old

  • User Avatar
    0
    bellajyrinurmi created

    It is already pre-built into the project

    abp new Testapp --old

    ok this also not working. i dont know what to do.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    It works for me

    • abp new Testapp --old
    • Run build-images-locally.ps1
    • Optional: Open run-docker.ps1 file to update docker-compose up -d to docker compose up -d(Based on your Docker version)
    • Run run-docker.ps1

  • User Avatar
    0
    bellajyrinurmi created

    Hi, iam still trying but i have no idea what iam doing wrong.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    what is the error now?

  • User Avatar
    0
    bellajyrinurmi created

    its the same error. is it possible if i give you access to the github repo ? and you take a look

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    okay, please

  • User Avatar
    0
    bellajyrinurmi created

    i add https://github.com/realLiangshiwei i hope this is you.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    you can try

    private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv, IConfiguration configuration)
    {
        var fileName = "openiddict.pfx";
        var passPhrase = "a0166a3a-5ffb-4f53-a8d7-a699d3c3ce1e";
        var file = Path.Combine(hostingEnv.ContentRootPath, fileName);
    
        if (!File.Exists(file))
        {
            throw new FileNotFoundException($"Signing Certificate couldn't found: {file}");
        }
    
        return new X509Certificate2(file, passPhrase);
    }
    
Made with ❤️ on ABP v9.1.0-preview. Updated on December 26, 2024, 06:07