Compiler Warning ASPIRECERTIFICATES001
Version introduced: 13.0
Certificate configuration types and members are for evaluation purposes only and are subject to change or removal in future updates. Suppress this diagnostic to proceed.
This diagnostic warning is reported when using experimental certificate configuration APIs in Aspire, including:
IDeveloperCertificateServiceinterfaceHttpsCertificateAnnotationclass- Certificate-related extension methods like
WithHttpsCertificate,WithHttpsDeveloperCertificate,WithoutHttpsCertificate - Certificate configuration builder extensions like
WithHttpsCertificateConfigandWithHttpsCertificateConfiguration
These APIs enable configuring HTTPS/TLS server certificates for resources in your Aspire application, including support for custom certificates and developer certificates for local development scenarios.
Example
The following code generates ASPIRECERTIFICATES001:
var builder = DistributedApplication.CreateBuilder(args);
// Using developer certificate
builder.AddViteApp("frontend")
.WithHttpsDeveloperCertificate();
// Using a custom certificate
var certificate = new X509Certificate2("path/to/certificate.pfx", "password");
builder.AddYarp("gateway")
.WithHttpsCertificate(certificate);
// Disabling HTTPS certificate configuration
builder.AddRedis("cache")
.WithoutHttpsCertificate();
// Using IDeveloperCertificateService
var developerCertService = builder.Services
.BuildServiceProvider()
.GetRequiredService<IDeveloperCertificateService>();Understanding certificate configuration
Aspire 13.1 introduced TLS termination support APIs that allow you to configure HTTPS certificates for resources that need to terminate TLS connections. Several containers have built-in TLS termination support:
| Container | Default |
|---|---|
| YARP | Enabled |
| Redis | Enabled |
| Keycloak | Enabled |
| Uvicorn (Python) | Enabled |
| Vite (JavaScript) | Opt-in |
When TLS is enabled by default, the ASP.NET Core developer certificate is automatically used if available and trusted.
Developer certificate configuration
The IDeveloperCertificateService provides information about developer certificates:
Certificates— List of valid development certificates available for trustSupportsContainerTrust— Indicates if certificates support container domains likehost.docker.internalUseForHttps— Indicates if developer certificates should be used for TLS termination by defaultTrustCertificate— Indicates if certificates should be trusted at runtime by default
To suppress this warning
Suppress the warning with either of the following methods:
Set the severity of the rule in the .editorconfig file.
[*.{cs,vb}] dotnet_diagnostic.ASPIRECERTIFICATES001.severity = noneFor more information about editor config files, see Configuration files for code analysis rules.
Add the following
PropertyGroupto your project file:<PropertyGroup> <NoWarn>$(NoWarn);ASPIRECERTIFICATES001</NoWarn> </PropertyGroup>Suppress in code with the
#pragma warning disable ASPIRECERTIFICATES001directive:#pragma warning disable ASPIRECERTIFICATES001 var developerCertService = builder.Services .BuildServiceProvider() .GetRequiredService<IDeveloperCertificateService>(); #pragma warning restore ASPIRECERTIFICATES001