[英]Docker nginx self-signed certificate - can't connect to https
I have been following a few tutorials to try and get my SSL cert working with my docker enviroment.我一直在关注一些教程来尝试让我的 SSL 证书与我的 docker 环境一起使用。 I have decided to go down the route of a self-signed certificate with letsencrypt.
我决定 go 使用letsencrypt的自签名证书的路线。 I have generated the certificate with the following command
我已经使用以下命令生成了证书
certbot certonly --manual \
--preferred-challenges=dns \
--email {email_address} \
--server https://acme-v02.api.letsencrypt.org/directory \
--agree-tos \
--manual-public-ip-logging-ok \
-d "*.servee.co.uk"
NOTE: I am using multi tenancy so I need the wildcard on my domain注意:我使用的是多租户,所以我需要域上的通配符
This works, the certificate has been generated on my server.这有效,证书已在我的服务器上生成。 I am now trying to use this with my docker nginx container.
我现在正尝试将它与我的 docker nginx 容器一起使用。
My docker-compose.yml files looks like this我的 docker-compose.yml 文件看起来像这样
...
services:
nginx:
build:
context: docker/nginx
dockerfile: Dockerfile
ports:
- 433:433
- 80:80
volumes:
- ./src:/var/www/html:delegated
depends_on:
- app
- mysql
networks:
- laravel
...
This is my Dockerfile这是我的 Dockerfile
FROM nginx:stable-alpine
COPY ./fullchain.pem /etc/nginx/fullchain.pem
COPY ./privkey.pem /etc/nginx/privkey.pem
ADD nginx.conf /etc/nginx/nginx.conf
ADD default.conf /etc/nginx/conf.d/default.conf
RUN mkdir -p /var/www/html
RUN addgroup -g 1000 laravel && adduser -G laravel -g laravel -s /bin/sh -D laravel
RUN chown laravel:laravel /var/www/html
I am copying the pem files into the nginx container so I can use them.我将 pem 文件复制到 nginx 容器中,以便可以使用它们。
Here is my default.conf file which should be loading my certificate这是我的 default.conf 文件,应该加载我的证书
server {
listen 80;
index index.php index.html;
server_name servee.co.uk;
root /var/www/html/public;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass app:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
server {
listen 443 ssl;
server_name servee.co.uk;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
index index.php index.html;
location / {
proxy_pass http://servee.co.uk; #for demo purposes
}
}
The nginx container builds successfully and when I bash into it I can find the pem files. nginx 容器构建成功,当我将 bash 放入其中时,我可以找到 pem 文件。 The issue is when I go to https://servee.co.uk I just get Unable to connect error.
问题是当我从 go 到https://servee.co.uk我只是得到无法连接错误。 If I go to http://servee.co.uk it works fine.
如果我从 go 到http://servee.co.uk它工作正常。
I'm not sure what I have missed, this has really put me off docker because its such a pain to get SSL working so hopefully its an easy fix.我不确定我错过了什么,这真的让我对 docker 感到厌烦,因为让 SSL 工作非常痛苦,所以希望它是一个简单的修复。
You need to update your docker-compose.yml file to use port 443 instead of 433 to match your nginx.conf.您需要更新 docker-compose.yml 文件以使用端口 443 而不是 433 以匹配您的 nginx.conf。 Try the below docker-compose.yml file.
试试下面的 docker-compose.yml 文件。
...
services:
nginx:
build:
context: docker/nginx
dockerfile: Dockerfile
ports:
- 443:443
- 80:80
volumes:
- ./src:/var/www/html:delegated
depends_on:
- app
- mysql
networks:
- laravel
...
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.