Skip to content

kei711-sandbox/docker-ssl-nginx

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.idea
.idea
 
 
docker/files/etc/nginx/conf.d
docker/files/etc/nginx/conf.d
 
 
keys
keys
 
 
public
public
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
renovate.json
renovate.json
 
 

Repository files navigation

docker-ssl-nginx

Initialize commands

gibo dump JetBrains macOS > .gitignore
echo "### custom" >> .gitignore
echo "keys/ca*" >> .gitignore
echo "keys/server*" >> .gitignore

Generate keys

Generate a secret-key for CA

openssl genrsa -out ca.key 2048
Generating RSA private key, 2048 bit long modulus
...............................................................................................+++
..............................+++
e is 65537 (0x10001)

Generate a certification from the secret-key for CA

openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) []:
State or Province Name (full name) []:
Locality Name (eg, city) []:
Organization Name (eg, company) []:
Organizational Unit Name (eg, section) []:
Common Name (eg, fully qualified host name) []:example.com
Email Address []:

# Browse the certification
openssl x509 -text -in ca.crt -noout

Generate a secret-key for Application Server

openssl genrsa -out server.key 2048
Generating RSA private key, 2048 bit long modulus
................................................................................................+++
....................................+++
e is 65537 (0x10001)

### Generate a certification request from the secret-key for Application Server

openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) []:
State or Province Name (full name) []:
Locality Name (eg, city) []:
Organization Name (eg, company) []:
Organizational Unit Name (eg, section) []:
Common Name (eg, fully qualified host name) []:example.jp
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:

openssl req -text -in server.csr -noout

Generate a certificate for Application Server from CA's both the secret-key and the certification using the certification request

openssl x509 -req -days 3650 -CA ca.crt -CAkey ca.key -CAcreateserial -in server.csr -out server.crt
Signature ok
subject=/CN=example.jp
Getting CA Private Key

openssl x509 -text -in server.crt -noout

Docker commands

docker image build --no-cache -t kei711/docker-ssl-nginx:latest .

docker container run -d --name docker-ssl-nginx -p 8443:443 -p 8080:80 kei711/docker-ssl-nginx:latest
docker container ps -a
docker container rm -f docker-ssl-nginx
docker container exec -it docker-ssl-nginx ash

docker logs -f docker-ssl-nginx

Browse

https://localhost:8443/

References

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages