How do I add SSL to my Nginx and Docker build?

Question

I'm trying to configure SSL on my server, but I've been getting a file not found error. Is there something I'm missing?

Here's my Dockerfile:

# build environment
FROM node:9.6.1 as builder
RUN mkdir /usr/src/app
WORKDIR /usr/src/app
ENV PATH /usr/src/app/node_modules/.bin:$PATH
COPY package.json /usr/src/app/package.json
RUN npm install --silent
RUN npm install react-scripts@1.1.1 -g --silent
COPY . /usr/src/app
RUN npm run build

# production environment
FROM nginx:1.13.9-alpine
COPY nginx.conf /etc/nginx/conf.d/default.conf
COPY --from=builder /usr/src/app/client/build /usr/share/nginx/html
EXPOSE 80
EXPOSE 443
CMD ["nginx", "-g", "daemon off;"]

My nginx config:

server {
    listen       80;

    listen 443 ssl;

    server_name server_name.com;
    ssl_certificate /etc/ssl/certs/bundle.crt;
    ssl_certificate_key /etc/ssl/generated-private-key.key;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
        try_files $uri /index.html;
    }
}

My docker command:

sudo docker run -v /etc/ssl/:/etc/ssl/ -p 443:443 f021855220c3

And here's the error I get:

2019/08/31 17:51:06 [emerg] 1#1: SSL_CTX_use_PrivateKey_file("/etc/ssl/generated-private-key.key") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/generated-private-key.key','r') error:20074002:BIO routines:FILE_CTRL:system lib error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib)
nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/generated-private-key.key") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/generated-private-key.key','r') error:20074002:BIO routines:FILE_CTRL:system lib error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib)

The error message seems pretty clear: the private key file `/etc/ssl/generated-private-key.key` does not exist. — digijay, Aug 31 '19 at 19:12

score 1 · Answer 1 · answered Sep 13 '19 at 11:04

Can you try to change nginx like this below

server 
{
 listen 443;

 root /usr/share/nginx/html;
 index index.php index.html index.htm;

 server_name example.com;

 ssl    on;
 ssl_certificate    /etc/ssl/certs/your.pem;
 ssl_certificate_key    /etc/ssl/private/your.key;

..Your stuff.
.............
.............

}

Hope you already have pem and key file inside of docker else map the folder to docker from local machine with these files to run properly.

score 0 · Accepted Answer · answered Sep 17 '19 at 13:30

0

The issue was that Nginx couldn't find my keys. I was actually running the docker command as a permanent background task rather than sudo docker run -v /etc/ssl/:/etc/ssl/ -p 443:443 f021855220c3, so I wasn't getting any output!

answered Sep 17 '19 at 13:30

mfisher91

111
4

How do I add SSL to my Nginx and Docker build?

2 Answers2