49

Currently, I run a simple docker container by using the following files.

DockerFile

FROM microsoft/aspnet:4.7.1
WORKDIR /inetpub/wwwroot
EXPOSE 80
COPY index.html .

docker-compose.yml

version: '3.4'

services:

testapp:
  image: mytestapp:${TAG:-latest}
build:
  context: .
  dockerfile: Dockerfile

docker-compose.override.yml

version: '3.4'

services:
  testapp:
   ports:
    - "9091:80"

I use windows image to create my container by using the following command and I can access it by http://localhost:9091/.

docker-compose -f docker-compose.yml -f docker-compose.override.yml build

I want to access my app by using HTTPS instead of http.

What are the steps that I need to follow ?

marvelTracker
  • 4,691
  • 3
  • 37
  • 49

2 Answers2

29

Thanks Jerome for the answer. I did the following things to get https working on my container. I hope this might be helpful to someone.

This image has IIS on it.

  1. Add Self signed certificate to image from this script:

certificate.ps1

  1. Create Self Signed Certificate.
  2. Install it on local certificate store.
  3. Create HTTPs Binding and add the generated SelfSign Certificate to the default Web site which has my web application
import-module webadministration

cd cert:
$cert = New-SelfSignedCertificate -DnsName myweb -Friendlyname MyCert -CertStoreLocation Cert:\LocalMachine\My

$rootStore = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList Root, LocalMachine

$rootStore.Open("MaxAllowed")
$rootStore.Add($cert)
$rootStore.Close()

cd iis:
new-item -path IIS:\SslBindings\0.0.0.0!443 -value $cert
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
iisreset
  1. Changes in my docker-compose.override.yml file: added port 443.
   version: '3.4'
     services:
       testapp.svc:
         ports:
           - "9091:80"
           - "9092:443"
  1. Changes in my Dockerfile
    FROM microsoft/aspnet:4.7.1
    WORKDIR /inetpub/wwwroot
    EXPOSE 80 
    EXPOSE 443
    COPY index.html .
    COPY certificate.ps1 .
    RUN powershell.exe ./certificate.ps1
marvelTracker
  • 4,691
  • 3
  • 37
  • 49
  • What is `certificate.ps1`? Do you run Nginx as a container? Please describe your whole setup – Pynchia Sep 27 '20 at 06:02
  • The image that I have used had IIS (Web server) in it. Certificate.ps1 does the following things. 1. Create Self Signed Certificate. 2. Install it on local certificate store. 3. Create HTTPs Binding and add the generated SelfSign Certificate to the default Web site which has my web application. Hope this will help. You can do the same with Nginx but syntax will be different. – marvelTracker Sep 28 '20 at 11:06
  • Works great thanks :) – Squibly Dec 06 '21 at 03:59
  • I have also the same scenario like my app is running in linux image container, and I want to access my site with https what should I do, like I understand to expose port 443 in docker and docker compose file but what next, how to run the script ?from where ? – Saad Awan Mar 24 '22 at 07:42
20
  1. You need to configure your web server (inside the docker application) to enable HTTPS.

  2. Open SSL port (443) on docker

    • You can consider using NGINX as a reverse proxy to your webserver and configure SSL in nginx
    • On a side, you can look at letsencrypt to get a free SSL certificate for your domain if this is a public site.
Jerome Anthony
  • 7,823
  • 2
  • 40
  • 31
  • 3
    Hi Jerome, I would access to my https server inner the docker container locally calling `https://localhost:9010/` from the docker host. Should also in this case use NGINX or letsencrypt? Thanks – Luca Motta Jan 31 '20 at 16:30
  • 1
    what about if it is not public site it is for local machine – hu7sy Jun 17 '21 at 09:15
  • 1
    I have also the same scenario like my app is running in linux image container, and I want to access my site with https what should I do, like I understand to expose port 443 in docker and docker compose file but what next, how to run the script ?from where ? – Saad Awan Mar 24 '22 at 07:41