Support HTTPS in ASP.NET Core apps

[bwateratmsft]

Currently "dotnet new" will enable HTTPS by default for ASP.NET Core apps, but this extension does not support it. Exposing 443 has no effect, and setting the ASPNETCORE_URLS to include HTTPS results in app startup failure, because no certificate is found.

Visual Studio automatically configures the ASP.NET Core HTTPS development certificate and maps in a volume containing it, and an additional volume with dotnet user-secrets for the certificate password.

The ask is to do that here too.

[bwateratmsft]

Things I'd like to do:

1. Change the singular port prompt to one accepting multiple (i.e. a comma-separated list)
2. Automatically trust* and export the 'dotnet dev-certs' certificate with a random password
3. Set that password as a secret with 'dotnet user-secrets'
4. Automatically volume map the cert and user-secrets folders
5. In launch.json add environment variables for ASPNETCORE_URLS and ASPNETCORE_ENVIRONMENT
6. When choosing port for browser launch, first look for anything mapped to 443, then to 80

*Regarding trusting the certificate:

• On Windows and Mac, we can do it with 'dotnet dev-certs https --trust', but Windows will give a yes/no prompt, and Mac will ask for password--so the user needs to be warned ahead so it doesn't seem out-of-the-blue
• On Linux there's basically nothing we can realistically do

[bwateratmsft]

I'm having a lot of trouble with cert trust on Mac. I can't figure out a way to launch dotnet dev-certs https --trust outside of VSCode (i.e. in its own window--which we need, because it's prompting for a password). Launching it within VSCode in a new terminal instance technically works, but in practice won't actually work--if it's done during F5 the terminal instance almost immediately gets unfocused and "lost". In Windows there's a separate popup done by the OS so it's not an issue there.

[pratiksanglikar]

@bwateratmsft About the issue with Mac, can we execute any shell script from the code? If that's possible we can think of applescript or even a simple shell script to do that. Applescript for sure has the capabilities to open a new terminal window and run a script inside it.

[bwateratmsft]

@pratiksanglikar AppleScript was the closest I was able to get to something working. I ended up with something like osascript -e 'tell app "Terminal" to do script "dotnet dev-certs https --trust"' -e 'tell app "Terminal" to activate'. There may be a shorter way to do it but I'm not really familiar with AppleScript. Technically it works, but it leaves the resultant terminal window open when done, and created a second terminal window, which isn't ideal.

[ejizba]

@bwateratmsft maybe take a look at this code:
https://github.com/microsoft/vscode-docker/blob/master/src/commands/registries/logInToDockerCli.ts#L33

You could prompt the user for the password up front using a VS Code input box (there's a specific option for password) and theoretically do the same thing (it starts a child process and writes the password to stdin)

[bwateratmsft]

@EricJizbaMSFT I think that asking users for their login password is not a good idea. It sorta seems like one of those "You have no business asking for this password" sort of scenarios...

[ejizba]

Well yes you would have to explain why you're asking for the password. Popping up an external terminal is more of a VS/windows thing to me. It never happens in VS Code because VS Code already has an integrated terminal. I've also just never seen it on a Mac - possibly because of how difficult it is to implement (as you described), but either way the end result is I think users would actually feel more familiar/comfortable with a VS Code password input box than a random external terminal.

[bwateratmsft]

Fixed in #1173 and #1180