I implemented a internal REST Service which consumes another (external) REST Service. The external service is secured with HTTPS with client certificate (and Tokens).
In the first implementation it was a service based on .NET Framework (4.6.2 of course windows) and the code looked like that:
var certificate = new X509Certificate2("./ExternalCert.pfx", "supersecurepassword764689");
var httpClientHandler = new HttpClientHandler
{
ClientCertificateOptions = ClientCertificateOption.Manual,
ClientCertificates =
{
certificate
},
CookieContainer = this.cookieContainer,
};
this.httpClient = new HttpClient(httpClientHandler)
{
BaseAddress = new Uri(url)
};
And it worked quite well. Now we are switching to ASP.NET Core 2 (based on .NET Core) and Docker. During development on my windows machine the code above worked aswell with .NET Core.
But now if I execute it inside of the docker container (of course linux) it doesn´t work anymore (SSL Error). (For now the certificate is copied into the container image, but it´s planed to store it with docker secrets).
I did some research and it seems *.pfx don´t work on linux and you have to generate a *.pem-file based on pfx. So I generated it with this command:
openssl pkcs12 -in ExternalCertificate.pfx -out ExternalCertificate.pem -nodes
Afterwards I replaced the following line:
var certificate = new X509Certificate2("./NewExternalCert.pem", "supersecurepassword764689");
and also tried:
var certificate = new X509Certificate2(File.ReadAllBytes("./NewExternalCert.pem"), "supersecurepassword764689");
Now I still get an error from the external service that the client certificate is missing but there is no exception in my application.
So what am I doing wrong? How can I send the certificate on linux? Is there a possiblity to do it on both OS the same way?
Thank you in advance for any advice!
