Closed sergeymeleschenko closed 1 year ago
The simplest way is to use bind mounts with the container. In short, you would use something like:
-v /path/to/my/cert/file:/data/path/in/the/container/to/cert/file
when you start the container.
Unfortunately, this is not really "simple" or easy to maintain. Since the goal here is to have an easy to maintain simple and functional container, I haven't really gone down that rabbit hole. The simplest method, is to use the reverse proxy. I did build some scripts to create a reverse-proxy with nginx that uses let's encrypt certs. You can find it here:
https://github.com/immauss/rev-prox
Don't get me wrong, I know this is possible, and I know I could get it there, I just haven't hat the cycles to get the bits in.
The rev-prox was quick hack/work-around ...
Thanks, Scott
How can I use docker container with 443 port with self-signed inside SSL certificate? Redirect 443:9392 doesn't work and doesn't respond.
@immauss How can I use docker container with 443 port with self-signed inside SSL certificate? Redirect 443:9392 doesn't work and doesn't respond.
How are you starting the container? You should be able to add the option:
-e HTTPS=true
This will give you the self signed cert. Then change the redirect 443:9392 and you should get it.
Sorry for the long delay...
-Scott
Thanks. It works. But the certificate is out of date. How can I update it inside the container? or add my cert to container
WOW! Thank you!
On looking into this, I realized the scripts to update the image with the latest data from Greenbone was also dragging along the certs. So while my startup scripts are creating new certs on container start, the tar comes along afterwards and replaces them with old out of date self-signed certs.
I update the refresh script to exclude the directories with the certificates as well as modified how the startup scripts check the certs. Now, if the self signed cert is ever out of date again, it will automagically be replaced.
This change is now live in the latest image and 22.4.13.
Thanks, Scott
Great. Thanks. But I deployed with docker-compose.yaml.
version: "3" services: openvas: ports:
How can I update to the latest version without data loss ?
Please let me know how to configure SSL with my own certificate. Do you have a manual? Now in container SSL cert is valid for 31.03.2023.