OpenSSL no longer included in image #182
Comments
|
That's correct - the idea is to keep nginx image as minimal as it can be, without shipping things not directly used by nginx. What's the case for openssl in your setup? |
|
We were using it to generate self-signed certs directly in the container. |
|
Right, so a plain apt install openssl will work right after FROM: nginx. I'll keep this issue open to collect the feedback from the users that might want to +1 it and we'll see if it makes sense to provide openssl in the base image. Thanks! |
|
@thresheek Thanks for your quick responses. We have moved openssl into its own container and this is no longer an issue for us. |
|
My vote would be to never add it to the nginx container; it's simple enough to mount a volume from $HOST or elsewhere, and isolate certification creation away from the network-exposed service. You can(should) even mount said volume as read-only in nginx, for further security/protection. |
- remove generation of self-cigned certificates from start script - remove openssl package installation $ This only causes problems and isn't recommended to do by nginx developers (nginxinc/docker-nginx#182).
- remove generation of self-cigned certificates from start script - remove openssl package installation This only causes problems and isn't recommended to do by nginx developers (nginxinc/docker-nginx#182).
It appears that the switch from base image Jessie to strech-slim has removed openssl from the container image. Any plans to add openssl back into the nginx image?
The text was updated successfully, but these errors were encountered: