search

Borjis131 / docker-open5gs

Open5GS 5G Core Docker images and Docker compose deployments
GNU Affero General Public License v3.0
20 stars 11 forks source link

How to enable TLS? #4

Closed ChoB100 closed 9 months ago

ChoB100 commented 9 months ago

In the /docker-open5gs/configs/basic directory, I modified the no_tls option of the NFs from true to false (modify the .yaml file).

sbi: server: no_tls: false

client: no_tls: false

However, the warning log below is repeated on the core.

image

Do I need to change any other settings?

Borjis131 commented 9 months ago

Hi @ChoB100,

The configured port in the basic configs for the Network Functions is the port 80. When TLS is enabled the port should be changed to port 443 as the error shows.

I did not test it yet but I think it should work, let me know and if more errors appear!

ChoB100 commented 9 months ago

Changed all port numbers to 443 for SBI.

And I set all no_tls options to false.

I get the warning below.

image

Borjis131 commented 9 months ago

Hi @ChoB100,

Seems like we are narrowing down the problem.

Now the problem seems to be in the certificates being used by the Network Functions, this certificates seem to be generated for a domain name nrf.localdomain instead of the domain name being used in docker to reach the other Network Functions, in this case nrf.open5gs.org.

I am thinking two ways to solve this: 1) Generating new certificates for all the Network Functions 2) Changing the DNS names for each of the Network Functions in the docker-compose.yaml

I think solution 2) is quicker to test. It is just changing the aliases to nf.localdomain (being nf: amf, smf, ...)

Borjis131 commented 9 months ago

Did it work @ChoB100?