Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for HTTPS #20

Closed
ashl1 opened this issue Aug 18, 2017 · 7 comments

Comments

@ashl1
Copy link

commented Aug 18, 2017

Thank you for the image!
I think adding support for HTTPS will improve security of using this image in production.
We uses "lets-nginx" image in docker-compose with "registry" to provide worldwide approved SSL certificates. I think ability to use TLS certificate for this image is a good idea.

@Joxit

This comment has been minimized.

Copy link
Owner

commented Aug 18, 2017

You're welcome.
The image is based on Nginx, so you can put your own Nginx configuration to include your own certificates.
There will however be no automatic update of Let's Encrypt certificates.

Exemple of configuration to add in /etc/nginx/conf.d:

server {
  listen              443 ssl;
  ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers         HIGH:!aNULL:!MD5;
  ssl_certificate     /etc/nginx/certs/fullchain.pem;
  ssl_certificate_key /etc/nginx/certs/privkey.pem;
}

server {
  listen 80;
  location /  {
    return 301 https://$host$request_uri;
  }
}
@ashl1

This comment has been minimized.

Copy link
Author

commented Aug 18, 2017

Yes. I suppose to make PR to support using attributes for this image and updated README. What do you think about?

@Joxit

This comment has been minimized.

Copy link
Owner

commented Aug 18, 2017

Yes, you can try.
Activating ssl option shouldn't be in the docker image because it is a specific configuration. Don't you think?
Updating the readme is a good idea (in order to have "how to add ssl in nginx" section).

@Joxit Joxit added the question label Jun 15, 2018

@FritschAuctores

This comment has been minimized.

Copy link

commented Apr 2, 2019

The Page is available with:

server {
  listen              443 ssl;
  ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers         HIGH:!aNULL:!MD5;
  ssl_certificate     /etc/nginx/certs/fullchain.pem;
  ssl_certificate_key /etc/nginx/certs/privkey.pem;
  root /usr/share/nginx/html;
}

server {
  listen 80;
  location /  {
    return 301 https://$host$request_uri;
  }
}

but my error with "remote error: tls: bad certificate" on the dockerhub is still the same

@Joxit

This comment has been minimized.

Copy link
Owner

commented Apr 3, 2019

Hi,
It seems that it's a certificate/nginx configuration issue, either your key or fullchain are incorrect (incorrect format or are not certificates).

@Joxit

This comment has been minimized.

Copy link
Owner

commented Apr 3, 2019

Sorry, I'm currently in Japan and can't go further for this issue.

@Joxit Joxit closed this in 8e539be Apr 16, 2019

@Joxit

This comment has been minimized.

Copy link
Owner

commented Apr 16, 2019

Hello,

I wrote an example for this issue, you can see it here : examples/issue-20

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.