Run docker service on HTTPS

Question

Currently, I run a simple docker container by using the following files.

DockerFile

FROM microsoft/aspnet:4.7.1
WORKDIR /inetpub/wwwroot
EXPOSE 80
COPY i         


        

Answer 1

Thanks Jerome for the answer. I did the following things to get https working on my container. I hope this might be helpful to someone.

This image has IIS on it.

1. Add Self signed certificate to image from this script:

certificate.ps1

1. Create Self Signed Certificate.
2. Install it on local certificate store.
3. Create HTTPs Binding and add the generated SelfSign Certificate to the default Web site which has my web application

import-module webadministration

cd cert:
$cert = New-SelfSignedCertificate -DnsName myweb -Friendlyname MyCert -CertStoreLocation Cert:\LocalMachine\My

$rootStore = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList Root, LocalMachine

$rootStore.Open("MaxAllowed")
$rootStore.Add($cert)
$rootStore.Close()

cd iis:
new-item -path IIS:\SslBindings\0.0.0.0!443 -value $cert
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
iisreset

2. Changes in my docker-compose.override.yml file: added port 443.

   version: '3.4'
     services:
       testapp.svc:
         ports:
           - "9091:80"
           - "9092:443"

3. Changes in my Dockerfile

    FROM microsoft/aspnet:4.7.1
    WORKDIR /inetpub/wwwroot
    EXPOSE 80 
    EXPOSE 443
    COPY index.html .
    COPY certificate.ps1 .
    RUN powershell.exe ./certificate.ps1

Answer 2

1. You need to configure your web server (inside the docker application) to enable HTTPS.

2. Open SSL port (443) on docker

   • You can consider using NGINX as a reverse proxy to your webserver and configure SSL in nginx
   • On a side, you can look at letsencrypt to get a free SSL certificate for your domain if this is a public site.