Re: Introduction - DotNet SIG - Fedora mailing-lists

1 Mar 2023

      Hi David,
Long long ago, I looked at this.
The simplest solution is to create a root certificate and install that
into the system and then it _just works_.
I prototyped that here: https://github.com/tmds/linux-dev-certs.
Unfortunately, Microsoft considers this approach 'insecure' (though I
am of another opinion).
If there is some interest, I'd be willing to provide this as a .NET global tool.
Microsoft wants the separate stores to get configured with the self-signed cert.
I had a go at this as well: https://github.com/dotnet/aspnetcore/pull/33279.
Unfortunately, I got little feedback from the maintainers, and the PR stalled.
If you're taking a shot, the PR may have some things you could use.
Good luck!
Tom
On Wed, Mar 1, 2023 at 2:43 AM David Galvan djgalvan01@outlook.com wrote:
...
Hello,
My name is David, I’m looking to help the dotnet team get dotnet Developer Certs working out of the box for Linux distributions. The GitHub issue pertaining to this is here:
[Https] `dotnet dev-certs --trust` support on Linux · Issue #32842 · dotnet/aspnetcore · GitHub
I’m wondering if anyone has had a chance to check out the issue or is working toward helping to resolve it. There’s a lot going on in the page, the main excerpt is:
For each distro we need come up with a list of instructions to setup the machine and create a VM image we can leverage for regression testing. We need to capture the instructions for doing the following:
Install the base OS
Install Edge
Install Chrome
Install dotnet
Install new enough openssl version (if necessary)
Install libnss3-tools (certutil)
Prepare the VM to be shared with the team (we should be able to do so as described here

DotNet SIG mailing list -- dotnet-sig@lists.fedoraproject.org
To unsubscribe send an email to dotnet-sig-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/dotnet-sig@lists.fedoraproject...
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue