How to use the certificate authority created by mkcert inside a docker container #574
Unanswered
RemyCampanals
asked this question in
Q&A
Replies: 1 comment 1 reply
-
I found a solution.
Now all should work, I still see warning in the browser, but no alert when opening site and my websocets now accept this certs and work fine.
|
Beta Was this translation helpful? Give feedback.
1 reply
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
-
First of all, thanks a lot to the mkcert team, always a pleasure using this tools for years, always working like a charm ! 👌
But for the first time, i'm making something more complex than creating the CA and the certificates, putting them in my nginx container, accessing the project from the browser and that's it. I don't know if it's maybe more a docker/nginx problem than a mkcert problem, but since i'm using mkcert for this, maybe i can have some hints here so here we go ! 🚀
PS: I'm on MacOS using Docker For Desktop, and i'm french so sorry in advance if my english is not perfect
I'm using the latest version of docker-compose, i have 4-5 websites sharing the same two docker containers :
I made a batch file in order to create the CA and all the certificates domains i need :
I used a wildcard in order to use all the subdomain i need :
In my nginx configuration, i have created as many server configuration i needed, for exemple for api.domain.dev :
i repeat this scheme for all my domains, with the Dockerfile files needed to COPY the certificates from the host to the container
And right now, everything works, if i go to api.domain.dev in my browser, or making a POSTMAN request, everything is working perfectly using https protocol, my connexion is secured in a "localhost" environement.
But then :
That way, it seems to create a gateway inside the hosts file in the container in order to be able to connect to the nginx container.
But only if i make a Guzzle request to http://web1.domain.dev and not https://web1.domain.dev. When i tried i have the following error :
So with mkcert i tried to retrieve the rootCA.pem created when using
mkcert -install
in order to use the same certificate authority as my MacOS hosts. But my understanding of all this ssl certificates thingy is beyond my understanding.What i tried is using another batch script with :
Then COPY the rootCA.pem in my Dockerfile configuration and i added the following lines in all my nginx server configuration under the
ssl_certificate_key
line :When i'm doing i break all my workflow (even in a browser or postman request) and i always have the following nginx error :
What do i do wrong ?
Thanks in advance 🙏
And sorry if it's not the place to ask something like this
Beta Was this translation helpful? Give feedback.
All reactions