Hi David,
Long long ago, I looked at this.
The simplest solution is to create a root certificate and install that into the system and then it _just works_. I prototyped that here: https://github.com/tmds/linux-dev-certs. Unfortunately, Microsoft considers this approach 'insecure' (though I am of another opinion). If there is some interest, I'd be willing to provide this as a .NET global tool.
Microsoft wants the separate stores to get configured with the self-signed cert. I had a go at this as well: https://github.com/dotnet/aspnetcore/pull/33279. Unfortunately, I got little feedback from the maintainers, and the PR stalled. If you're taking a shot, the PR may have some things you could use.
Good luck!
Tom
On Wed, Mar 1, 2023 at 2:43 AM David Galvan djgalvan01@outlook.com wrote:
Hello,
My name is David, I’m looking to help the dotnet team get dotnet Developer Certs working out of the box for Linux distributions. The GitHub issue pertaining to this is here:
[Https] `dotnet dev-certs --trust` support on Linux · Issue #32842 · dotnet/aspnetcore · GitHub
I’m wondering if anyone has had a chance to check out the issue or is working toward helping to resolve it. There’s a lot going on in the page, the main excerpt is:
For each distro we need come up with a list of instructions to setup the machine and create a VM image we can leverage for regression testing. We need to capture the instructions for doing the following:
Install the base OS Install Edge Install Chrome Install dotnet Install new enough openssl version (if necessary) Install libnss3-tools (certutil)
Prepare the VM to be shared with the team (we should be able to do so as described here
DotNet SIG mailing list -- dotnet-sig@lists.fedoraproject.org To unsubscribe send an email to dotnet-sig-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/dotnet-sig@lists.fedoraproject... Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
dotnet-sig@lists.fedoraproject.org