HTTPS Problem using self signed certs

Hi All: Hope I’m not duplicating a post…I’m having trouble using self signed certs and getting the reverse-proxy server to forward to the upstream containers. I.e., “https://mysite.dyndns.org” stops at the reverse-proxy server index.html page (and does not reach the right page on the upstream container).

I’m trying Jason’s great toolset. I’d like to use https with self signed certs, ideally making things such that a client machine can’t reach an upstream Docker container without having the right certs. I.e., the reverse-proxy server would have one set of “common” ssl self signed certs, and each container would have a unique set. I’ve gotten this to work using an nginx.conf “upstream” approach, so I think it’s technically feasible.

My guess is either there’s a “better way to do this”, or I’m missing something in my configs.

When trying it with jwilder code, I can get things to work when not using https (i.e., using http). Here, my docker-compose.yml is:

```yaml
version: '2'
services:
  nginx-proxy:
    container_name: nginx-proxy
    image: jwilder/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    network_mode: "host"
    dns_search:
      - "mysite.dyndns.org"
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
  nginx0:
    image: nginximage
    container_name: Test0
    expose:
      - "500"
    environment:
      - VIRTUAL_HOST=mysite.dyndns.org
```

Initially, my assumption is I can use ssl to get to the reverse-proxy server, and use http to get to the upstream ones. Eventually, I’m assuming connections to the upstream will be SSL end to end…but my initial tests trying the following docker-compose.yml file never get past the reverse-proxy server.

```yaml
version: '3'
services:
  nginx-proxy:
    container_name: nginx-proxy
    image: jwilder/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    network_mode: "host"
    dns_search:
      - "mysite.dyndns.org"
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "/pathto/certs:/etc/nginx/ssl"
      - "/pathto/nginx.conf:/etc/nginx/nginx.conf"
      - "/pathto/index.html:/usr/share/nginx/html/index.html"
  nginx0:
    image: nginximage
    container_name: Test0
    expose:
      - "500"
    environment:
      - VIRTUAL_HOST=mysite.dyndns.org
```

Suggestions? Thoughts? Help! Have tried tweaking various things in the docker-compose file, loading nginx into the upstream container so far…no joy. Thanks!

Issue Analytics

  • State: open
  • Created 6 years ago
  • Reactions: 2
  • Comments: 7

Top GitHub Comments

2 reactions
Eoksni commented, Oct 29, 2018

I had the same issue and the problem was with volume mounting. Doing docker-compose down and then docker-compose up fixed it.

2 reactions
arvind-india commented, Sep 26, 2017

I have tried this approach as well but still nothing seems to be working. My docker-compose file is like:

```yaml
site1:
  build: site1
  environment:
    VIRTUAL_HOST: site1.domain.com
    #VIRTUAL_PROTO: https
    #VIRTUAL_PORT: 443
  restart: always

site2:
  build: site2
  environment:
    VIRTUAL_HOST: site2.domain.com
    #VIRTUAL_PROTO: https
    #VIRTUAL_PORT: 443
  restart: always

site3:
  build: site3
  environment:
    VIRTUAL_HOST: site3.domain.com
    #VIRTUAL_PROTO: https
    #VIRTUAL_PORT: 443
  restart: always

nginx-proxy:
  image: jwilder/nginx-proxy
  ports:
    - "80:80"
    - "443:443"
  volumes:
    - /var/run/docker.sock:/tmp/docker.sock:ro
    - certs:/etc/nginx/certs:ro
  restart: always
  privileged: true
```

The “certs” folder is kept in the same folder as the docker-compose file. Please suggest a possible cause.
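
A small lint for the two compose files posted above, as an added example that is not part of the original thread or of the nginx-proxy project. It assumes the conventions documented in the nginx-proxy README (certificates mounted at `/etc/nginx/certs` and named `<VIRTUAL_HOST>.crt` / `<VIRTUAL_HOST>.key`); `lint_compose`, the finding codes and the sample strings are hypothetical and constructed for illustration.

```python
import re

CERT_DIR = "/etc/nginx/certs"        # where nginx-proxy looks for <VIRTUAL_HOST>.crt/.key
MAIN_CONF = "/etc/nginx/nginx.conf"  # the image's copy includes /etc/nginx/conf.d/*.conf

# Constructed samples, reduced from the two compose files quoted in this thread.
QUESTION = """\
services:
  nginx-proxy:
    volumes:
      - "/var/run/docker.sock:/tmp/docker.sock:ro"
      - "/pathto/certs:/etc/nginx/ssl"
      - "/pathto/nginx.conf:/etc/nginx/nginx.conf"
  nginx0:
    environment:
      - VIRTUAL_HOST=mysite.dyndns.org
"""
COMMENT = """\
site1:
  environment:
    VIRTUAL_HOST: site1.domain.com
nginx-proxy:
  volumes:
    - certs:/etc/nginx/certs:ro
"""

def lint_compose(text, cert_files=None):
    """Return (code, detail) findings; cert_files = names in the host certs folder, if known."""
    findings, mounts, hosts = [], [], []
    for spec in re.findall(r'^\s*-\s*["\']?([^\s"\']+)["\']?\s*$', text, re.M):
        parts = spec.split(":")
        if len(parts) >= 2 and parts[1].startswith("/"):  # skips "80:80" port lines
            mounts.append((parts[0], parts[1].rstrip("/")))
    for value in re.findall(r'^\s*-?\s*VIRTUAL_HOST\s*[=:]\s*["\']?([^\s"\']+)', text, re.M):
        hosts.extend(h for h in value.split(",") if h)
    cert_sources = [src for src, dst in mounts if dst == CERT_DIR]
    if not cert_sources:
        findings.append(("no-cert-mount", f"nothing is mounted at {CERT_DIR}"))
    for src in cert_sources:
        if not src.startswith(("/", "./", "../", "~")):  # bare name = named volume
            findings.append(("named-volume", f"'{src}' is a named volume, not ./{src}"))
    if any(dst == MAIN_CONF for _, dst in mounts):
        findings.append(("conf-override", f"{MAIN_CONF} is replaced by a bind mount"))
    for host in (hosts if cert_files is not None else []):
        for ext in (".crt", ".key"):
            if host + ext not in cert_files:
                findings.append(("missing-cert", host + ext))
    return findings
```

A `conf-override` finding is only a prompt to check that the replacement `nginx.conf` still includes `/etc/nginx/conf.d/*.conf`, which is where the generated virtual-host configuration is written.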
