Install the .NET SDK on Fedora

In the ever-evolving world of web development, security is paramount. Here we provide a step-by-step guide to not only installing the .NET Software Development Kit (SDK) on Fedora, but also generating an SSL Certificate for your .NET apps, thus ensuring secure connections between client and server.

Part 1: Installing the .NET SDK on Fedora

Our first step is to install the .NET SDK. The .NET SDK is a set of libraries and tools that allow developers to create .NET apps and libraries. It is the foundation for building applications and libraries with .NET Core.

Here’s how you can install the .NET SDK on your Fedora system:

1. Open a terminal window.
2. Input the following command:

   sudo dnf install dotnet-sdk-7.0

3. Press Enter. You might be asked for your password; if so, provide it and press Enter again.
4. Let the installation process finish.

After the completion of the above steps, the .NET SDK should be installed successfully on your Fedora system.

Part 2: Creating an SSL Certificate for Your .NET Apps

Creating an SSL certificate for your .NET applications can enhance the security of your applications. Here’s how you can generate an SSL certificate:

1. First, we need to install Easy-RSA, a CLI utility to build and manage a PKI CA. Run this command:

   sudo dnf install easy-rsa

2. Now, navigate to the home directory and create a new directory .easyrsa with permissions set to 700:

   cd ~
   mkdir .easyrsa
   chmod 700 .easyrsa

3. Copy the Easy-RSA scripts to our newly created directory:

   cd .easyrsa
   cp -r /usr/share/easy-rsa/3/* ./

4. Initialize the Public Key Infrastructure:

   ./easyrsa init-pki

5. We need to set some variables for our certificate. Create a new file called vars and add the following details in it (You can modify these details according to your requirement):

   cat << EOF > vars
   set_var EASYRSA_REQ_COUNTRY "US"
   set_var EASYRSA_REQ_PROVINCE "Texas"
   set_var EASYRSA_REQ_CITY "Houston"
   set_var EASYRSA_REQ_ORG "Development"
   set_var EASYRSA_REQ_EMAIL "[email protected]"
   set_var EASYRSA_REQ_OU "LocalDevelopment"
   set_var EASYRSA_ALGO "ec"
   set_var EASYRSA_DIGEST "sha512"
   EOF

6. Now build the CA with nopass option to not secure the CA key with a passphrase:

   ./easyrsa build-ca nopass
   

7. Copy the generated certificate to the trusted CA directory and update the CA trust on your system:

   sudo cp ./pki/ca.crt /etc/pki/ca-trust/source/anchors/easyrsaca.crt
   sudo update-ca-trust

8. Generate a new key and a certificate signing request for localhost:

   mkdir req
   cd req
   openssl genrsa -out localhost.key
   openssl req -new -key localhost.key -out localhost.req -subj /C=US/ST=Texas/L=Houston/O=Development/OU=LocalDevelopment/CN=localhost
   cd ..

9. Import the certificate signing request and sign it:

   ./easyrsa import-req ./req/localhost.req localhost
   ./easyrsa sign-req server localhost

10. Now, move the server certificate and key to a new directory .certs and convert the certificate to PKCS#12 format:

    cd ~
    mkdir .certs
    cp .easyrsa/pki/issued/localhost.crt .certs/localhost.crt
    cp .easyrsa/req/localhost.key .certs/localhost.key
    cd .certs
    openssl pkcs12 -export -out localhost.pfx -inkey localhost.key -in localhost.crt

11. Lastly, add the path and the password for the certificate in the .bashrc file so the .NET Core Kestrel server can find it (replace YOUR_USERNAME with your actual username and PASSWORD with the password you want to use for your certificate):

    cat << EOF >> ~/.bashrc
    # .NET
    export ASPNETCORE_Kestrel__Certificates__Default__Password="PASSWORD"
    export ASPNETCORE_Kestrel__Certificates__Default__Path="/home/YOUR_USERNAME/.certs/localhost.pfx"
    EOF

And that’s it! You’ve now installed the .NET SDK and generated an SSL certificate for your .NET apps. Your applications are not only more secure but also more professional, creating trust with users who value their data privacy and security.