Reputation: 432
Docker nginx self-signed certificate - can't connect to https
I have been following a few tutorials to try and get my SSL cert working with my docker enviroment. I have decided to go down the route of a self-signed certificate with letsencrypt. I have generated the certificate with the following command
certbot certonly --manual \
--preferred-challenges=dns \
--email {email_address} \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
--manual-public-ip-logging-ok \
-d "*.servee.co.uk"
NOTE: I am using multi tenancy so I need the wildcard on my domain
This works, the certificate has been generated on my server. I am now trying to use this with my docker nginx container.
My docker-compose.yml files looks like this
...
services:
nginx:
build:
context: docker/nginx
dockerfile: Dockerfile
ports:
- 433:433
- 80:80
volumes:
- ./src:/var/www/html:delegated
depends_on:
- app
- mysql
networks:
- laravel
...
This is my Dockerfile
FROM nginx:stable-alpine
COPY ./fullchain.pem /etc/nginx/fullchain.pem
COPY ./privkey.pem /etc/nginx/privkey.pem
ADD nginx.conf /etc/nginx/nginx.conf
ADD default.conf /etc/nginx/conf.d/default.conf
RUN mkdir -p /var/www/html
RUN addgroup -g 1000 laravel && adduser -G laravel -g laravel -s /bin/sh -D laravel
RUN chown laravel:laravel /var/www/html
I am copying the pem files into the nginx container so I can use them.
Here is my default.conf file which should be loading my certificate
server {
listen 80;
index index.php index.html;
server_name servee.co.uk;
root /var/www/html/public;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass app:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
server {
listen 443 ssl;
server_name servee.co.uk;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
index index.php index.html;
location / {
proxy_pass http://servee.co.uk; #for demo purposes
}
}
The nginx container builds successfully and when I bash into it I can find the pem files. The issue is when I go to https://servee.co.uk I just get Unable to connect error. If I go to http://servee.co.uk it works fine.
I'm not sure what I have missed, this has really put me off docker because its such a pain to get SSL working so hopefully its an easy fix.
Upvotes: 0
Views: 4193
Answers (1)
Reputation: 106
You need to update your docker-compose.yml file to use port 443 instead of 433 to match your nginx.conf. Try the below docker-compose.yml file.
...
services:
nginx:
build:
context: docker/nginx
dockerfile: Dockerfile
ports:
- 443:443
- 80:80
volumes:
- ./src:/var/www/html:delegated
depends_on:
- app
- mysql
networks:
- laravel
...
Upvotes: 1
Related Questions
- Running Nginx Docker with SSL self signed certificate
- Nginx cannot load certificate in docker container
- trying ssl to docker nginx container
- Can't enable ssl by docker-letsencrypt-nginx-proxy-companion
- Docker Nginx complains: SSL: error:02001002
- Cannot connect to SSL from outside ubuntu
- How to configure Let's encrypt certificates for nginx inside a docker image?
- Letsencrypt + Docker + Nginx
- Docker with Nginx - Https not working
- Why the "See It Work" section of the Docker https-portal gives me a "port 443: Connection refused" error?