SSL certificate generated successfully but the site is not accessible on https.

nanoninja / docker-nginx-php-mysql

Docker running Nginx, PHP-FPM, MySQL & PHPMyAdmin

1.76k stars 867 forks source link

SSL certificate generated successfully but the site is not accessible on https. #11

Closed furqank786 closed 6 years ago

furqank786 commented 6 years ago

@nanoninja

Created SSL certificate successfully using the command as mentioned in the configuration section. "source .env && sudo docker run --rm -v $(pwd)/etc/ssl:/certificates -e "SERVER=$NGINX_HOST" jacoelho/generate-certificate"

Also uncommented the SSL setting section from the "default.template.conf" file but https is not implementing on the application URL.

Just for try: Updated the "$NGINX_HOST" with my virtual machine IP (application address) and also with the created virtual host with no success.

Also did the docker-compose down -v and docker-compose up -d after update the configuration.

Please help me in this regard. Thanks

nanoninja commented 6 years ago

Hello @furqank786,

If you are using a virtual machine on which docker is running and you are trying to access it externally you should add the domain to the /etc/hosts file of the host machine.

You should probably choose another name than localhost ($NGINX_HOST).

Example on MACOSX or Linux:

# Open the following file
vim /etc/hosts

# Add the following line
192.168.*.*.   yourdomain

Then open your browser

https://yourdomain:3000/

I tested with a linux virtual machine on my mac and it works.

Vincent.

furqank786 commented 6 years ago

@nanoninja

Thank you for your reply. Yes I had added the domain entry in the hosts file and I am able to access the application through "mydomain.com"

But when access application https://mydomain:3000 system generate error message "Unable to connect" This is the part of SSL settings of my default.template.conf file

server { server_name mydomain

 listen 443 ssl;
 fastcgi_param HTTPS on;

 ssl_certificate /etc/ssl/server.pem;
 ssl_certificate_key /etc/ssl/server.key;
 ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

 index index.php index.html;
 error_log  /var/log/nginx/error.log;
 access_log /var/log/nginx/access.log;
 root /var/www/html/public;

 location / {
     try_files $uri $uri/ /index.php$is_args$args;
 }

 location ~ \.php$ {
     try_files $uri =404;
     fastcgi_split_path_info ^(.+\.php)(/.+)$;
     fastcgi_pass php:9000;
     fastcgi_index index.php;
     include fastcgi_params;
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     fastcgi_param PATH_INFO $fastcgi_path_info;
 }

Am I doing something wrong ?

nanoninja commented 6 years ago

@furqank786,

This seems ok. Maybe you have blocked or conflicting ports on your virtual machine ?

Sometimes you have to do port forwarding depending on the configuration. Do you use VirtualBox or VMware?

Make sure the keys are in the etc/ssl directory before starting.

Vincent.

furqank786 commented 6 years ago

@nanoninja

How can I check the port is block or conflicting on my virtual machine.

I use VirtualBox for virtual machine.

Yes the key is in the etc/ssl directory

Thank you

nanoninja commented 6 years ago

@furqank786,

It depends if you are in bridge or in NAT. If by default you are in NAT you must do a port forwarding.

Otherwise go from NAT to bridge so that DHCP can assign you an IP.

What is strange is that port 80 is already working.

furqank786 commented 6 years ago

@nanoninja

By default virtual machine is using NAT.

8080 port is also working for phpmyadmin.

furqank786 commented 6 years ago

@nanoninja

Fixed the issue, there was no issue of the port blockage. once again updated the .env file with new mydomain entry and generated the SSL certificate and updated the SSL port in the yml file to 443: 443 and it works like a charm.

Thank you.