Laradock, configuring SSL with Nginx on localhost

Question

I've been using Laradock to do my local development for a few weeks now and recently needed to utilise HTTPS in order to get Google to callback to me when integrating social logins.

I develop on Windows using WSL2 and made a change to my hosts file:

127.0.0.1 tinker-dev.com

Any normal http traffic to tinker-dev.com routes correctly and I see my application, great!

I did some reading and found that I need an SSL certificate signed by an authority and stumped upon mkcert , it looks like it should do the job. After following the installation I cd into the nginx/ssl folder which is mounted into Laradocks nginx ssl directory via the NGINX_SSL_PATH=./nginx/ssl/ .env var, and I then ran mkcert tinker-dev.com localhost 127.0.0.1 0.0.0.0::1 to produce a cert and key that could be used to authorise requests from these domains (this produced two files: tinker-dev.com+4.pem and tinker-dev.com+4-key.pem

I then modified the default.conf in the sites-available to utilise these certs:

    # For https
    listen 443 ssl;
    listen [::]:443 ssl ipv6only=on;
    ssl_certificate /etc/nginx/ssl/tinker-dev.com+4.pem;
    ssl_certificate_key /etc/nginx/ssl/tinker-dev.com+4-key.pem;

and also modified laradocks startup.sh to remove the block which auto generates an SSL certificate on load (if default.crtis not found)

#if [ ! -f /etc/nginx/ssl/default.crt ]; then
#    openssl genrsa -out "/etc/nginx/ssl/default.key" 2048
#    openssl req -new -key "/etc/nginx/ssl/default.key" -out "/etc/nginx/ssl/default.csr" -subj "/CN=default/O=default/C=UK"
#    openssl x509 -req -days 365 -in "/etc/nginx/ssl/default.csr" -signkey "/etc/nginx/ssl/default.key" -#out "/etc/nginx/ssl/default.crt"
#fi

I then started my container and found there were no errors in the log, but any traffic to https://tinker-dev.com resulted in no traffic being logged in the access log (http traffic is still logged using the domain)...I also realised that I was just being met with a 403 error for any https traffic.

I ran nginx -T to check which config was loaded and I can see that it is using my certificate/key and if I do cat /etc/nginx/ssl/tinker-dev.com+4.pem it prints the cert, so I'm certain that they are being mounted into the container (same result if I cat the key)

Am I doing anything else obviously wrong here? I'm not a devopsy person and this stuff is all relatively new to me.

Answer 1

I had the exact same issue. Being on Windows 10 version 2004, WSL2 became available allowing you to use Docker Desktop with WSL2 .

I also have VMWare Workstation 14.x installed. I had this frustration for several weeks before deciding to--reluctantly--uninstall VMWare Workstation. This immediately solved my issue. I tried reinstalling VMWare however, that caused the issue to reappear. I also tried removing all virtual networks in the Virtual Network Editor but this did not make a difference.

If you check your NGINX container access logs, you will see that NGINX never receives the connection requests that you make over SSL--Oddly, HTTP requests seem to work fine. Also, the browser shows a certificate from VMWare. Unfortunately, I've spent a lot of time searching for a solution to this issue but have not found one beyond uninstalling VMWare Workstation. I hope this at least gets you on the correct track.