ASP.NET 4.7 in Docker with IIS and Self-Signed SSL Certificate
Goal: Run an ASP.NET 4.7 application in a Docker container with IIS and HTTPS support, using a volume-mapped folder for live code updates during development.
Dockerfile
FROM mcr.microsoft.com/dotnet/framework/aspnet:4.8
SHELL [ "powershell" ]
COPY src/Bustroker.LocalEnv.WebUI/bin/app.publish c:/webapp
ADD configureIIS.ps1 /windows/temp/configureIIS.ps1
RUN powershell.exe -executionpolicy bypass c:\windows\temp\configureIIS.ps1
IIS Configuration Script
Create configureIIS.ps1:
## Configure SSL certificate for default website
Import-Module WebAdministration
Set-Location IIS:\SslBindings
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
$c = New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation cert:\LocalMachine\My
$c | New-Item 0.0.0.0!443
New-WebApplication -Site 'Default Web Site' -Name 'webapp' -PhysicalPath 'C:\webapp'
## Grant full access to IIS AppPool for volume-mapped folder
$path = "C:\webapp"
$user = "IIS AppPool\DefaultAppPool"
$acl = Get-Acl $path
$accessRule = New-Object system.security.accesscontrol.filesystemaccessrule($User,"FullControl", "ContainerInherit,ObjectInherit", "None", "Allow")
$acl.SetAccessRule($accessRule)
Set-Acl $path $acl
The script sets up HTTPS with a self-signed certificate, creates the web application, and grants the AppPool permissions to access the volume-mapped folder.
Docker Compose
version: '3.8'
services:
webapp:
build: .
ports:
- "80:80"
- "443:443"
volumes:
- ./src/Bustroker.WebUI/bin/app.publish:C:/webapp
The volume mapping enables live updates—changes to the published folder are immediately reflected in the container.
Run
Publish your ASP.NET application to bin/app.publish:
docker-compose up -d --build
Browse to http://localhost/webapp or https://localhost/webapp. The browser will show a certificate warning since the self-signed certificate isn’t in the Trusted Root Certification Authorities store.