greyltc
commented
8 years ago Your permissions on /home/root/sslCert and probably /home/root are preventing docker from using that folder?
Closed robclay closed 8 years ago
greyltc
commented
8 years ago Your permissions on /home/root/sslCert and probably /home/root are preventing docker from using that folder?
robclay
commented
8 years ago Thanks for your quick response! I changed the location / ran the permissions and I ended starting the image without the error. Something strange happens... I am unable to connect at all...
Firefox reports: Unable to connect... but if I remove the -v "ssl stuff" and run again, I can connect (using the self signed cert in Option B I guess.)
Question: When I created the CSR file to apply for my SSL, should I have run the commands within docker somehow? I used openssl req -new -key <private key file name>.key -out <csr file name>.csr. Because I do not fully grasp how SSLs work, I am wondering if that can be an issue?
Also, I just talked to a chat help with rapidssl... they told me I needed to have the intermediate.crt also placed in the same directory. Does this need to be named something specifically to match yours?
Thanks for any and all help!
robclay
commented
8 years ago Fixed by the following:
I 'entered' the container shell.
I edited the httpd-ssl.conf and uncommented / modified
SSLCertificateChainFile "/root/sslKeys/intermediate.crt"
I then:
apachectl stop
and
apachectl start
It prompted:
Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases.
so I entered it. But it seems to be working.
Will this always be prompted when I start? i.e. Will I need to 'enter' the container to answer this each time? Or did I mess something up!?
Thanks!
robclay
commented
8 years ago i should have researched... http://serverfault.com/questions/160768/stop-apache-from-asking-for-ssl-password-each-restart This solves the restart problem. Which i bet was the original issue. :/
greyltc
commented
8 years ago I think the solution here is for you to regenerate your secret SSL files so that they don't need a password to be used. Having them password protected is only really needed if you're worried about them falling into the wrong hands.
robclay
commented
8 years ago Agreed. That solved it.
greyltc
commented
8 years ago cool.
When running with:
docker run -v /shares/myextshare:/usr/share/webapps/owncloud/data --name oc --restart=’always’ -p 8080:80 -p 8443:443 -d l3iggs/owncloudeverything seems to work.When I try to add my own SSL Key:
docker run -v /shares/myextshare:/usr/share/webapps/owncloud/data -v /home/root/sslCert:/root/sslKeys --name oc --restart=’always’ -p 8080:80 -p 8443:443 -d l3iggs/owncloudI get:Error response from daemon: Cannot start container 7(yada Yad Yada)a: [8] System error: invalid argumentAny Suggestions or order placement issues?And as an aside... thanks for making this available!