I have a basic Kestrel application written on .Net Core 6.0. Is there any need to install a certificate into the docker container to expose 443 if the application is eventually deployed onto an Azure AppService that has SSL enabled? Or put another way, am I exposing myself to network traffic risks if the communication between Azure and the guts of the container are not done over HTTPS?
CodePudding user response:
App Service does TLS termination and traffic flow to your container in the App Service sandbox using port 80 or using the port you define with the WEBSITES_PORT application setting. Your containers are not exposed directly over the Internet as they are protected by the App Service firewall.