Use SSL certificat in other containers

[cetuuus]

Hi,
I need to generate an SSL certificate for docker-mailserver (mail.mydomain.com). Since port 80 is already used by NPM, I wanted to generate the certificate with NPM then mounted the npm_letsencrypt volume (the volume that contains the certificates) on /etc/letsencrypt in the mailserver container. In order to have access to /etc/letsencrypt/live/mail.mydomain.com/ in the mailserver container.

Except the problem is that NPM puts its certificates in /etc/letsencrypt/live/npm-[NUMBER]/. Is there a way to create a certificate in a correct directory or another way to generate a certificate that does not use port 80 and is easy to renew?

[kmarius]

I created a dummy proxy host for mail.example.com and run a daily cron job to identify and copy the correct certificate from one container to another:

#!/bin/bash

set -eu

npm=/root/docker/nginx-proxy-manager
dest=/root/docker/maddy/data/tls
domain='mail\.example\.com'

fullchain=$(find "$npm/letsencrypt/live/" -name fullchain.pem -exec sh -c 'openssl x509 -text < "$1" | grep -q '"$domain" _ {} \; -print | head -1)
if [[ -z "$fullchain" ]]; then
        echo "No certificate found for $domain" >&2
        exit 1
fi

fullchain=$(readlink -f "$fullchain")
privkey=${fullchain/fullchain/privkey}

cp "$fullchain" "$dest"/fullchain.pem
cp "$privkey" "$dest"/privkey.pem