Open joelataylor opened 2 months ago
To be honnest, i never tried to activate apache ssl. Its should work but as you seen, some vhost are not properly configured (because we do not generate the self-signed for our default vhost). I trust i will never. Instead of that you can add a reverse proxy to manage your certificate :
version: "3.9"
services:
gxca-middleware:
networks:
- back
volumes:
- ".:/var/www/html"
labels:
- traefik.enable=true
- traefik.docker.network=traefik
- traefik.http.routers.gxca-middleware_router.rule=Host(`gxca.localhost`)
- traefik.http.routers.gxca-middleware_router.service=gxca-middleware_service
- traefik.http.services.gxca-middleware_service.loadbalancer.server.port=80
traefik:
image: traefik:2.9
command:
- --providers.docker
- --providers.docker.exposedByDefault=false
- --api.dashboard=false
networks:
- back
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
...then to configure ssl, you can use traefik features (for self signed, letsencrypt or anyothers). For example with LE :
services:
traefik:
command:
- --entrypoints.web.address=:80
- --entrypoints.websecure.address=:443
- --certificatesresolvers.le.acme.email=your@email.com
- --certificatesresolvers.le.acme.storage=/secrets/acme.json
- --certificatesresolvers.le.acme.tlschallenge=true
ports:
- "80:80"
- "443:443"
volumes:
- traefik_data:/secrets/
volumes:
traefik_data:
driver: local
Hi ya. I'm trying to set up SSL but it's not linking the
default-ssl.conf
Apache config into thesites-enabled
directory. If I symlink it there manually, I then get a missing cert error:/etc/ssl/certs/ssl-cert-snakeoil.pem
isn't on the system. So I thought ok, should I go manually create the self-signed cert? Nope, that didn't work either.So, I think I'm going down a rabbit hole that I shouldn't be. I'm sure you've built the platform for SSL capabilities.
Note: I actually don't think what I'm trying to do (call the AWS API) will work with a self-signed cert. 🤔
Here's my Docker files:
Dockerfile
docker-compose.yml