Run docker service on HTTPS

问题

Currently, I run a simple docker container by using the following files.

DockerFile

FROM microsoft/aspnet:4.7.1
WORKDIR /inetpub/wwwroot
EXPOSE 80
COPY index.html .

docker-compose.yml

version: '3.4'

services:

testapp:
  image: mytestapp:${TAG:-latest}
build:
  context: .
  dockerfile: Dockerfile

docker-compose.override.yml

version: '3.4'

services:
  testapp:
   ports:
    - "9091:80"

I use windows image to create my container by using the following command and I can access it by http://localhost:9091/.

docker-compose -f docker-compose.yml -f docker-compose.override.yml build

I want to access my app by using HTTPS instead of http.

What are the steps that I need to follow ?

回答1:

1. You need to configure your web server (inside the docker application) to enable HTTPS.

2. Open SSL port (443) on docker

   • You can consider using NGINX as a reverse proxy to your webserver and configure SSL in nginx
   • On a side, you can look at letsencrypt to get a free SSL certificate for your domain if this is a public site.

回答2:

Thanks Jerome for the answer. I did the following things to get https working on my container. I hope this might be helpful to someone.

1. Add Self signed certificate to image from this script:

certificate.ps1

import-module webadministration

cd cert:
$cert = New-SelfSignedCertificate -DnsName myweb -Friendlyname MyCert -CertStoreLocation Cert:\LocalMachine\My

$rootStore = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList Root, LocalMachine

$rootStore.Open("MaxAllowed")
$rootStore.Add($cert)
$rootStore.Close()

cd iis:
new-item -path IIS:\SslBindings\0.0.0.0!443 -value $cert
New-WebBinding -Name "Default Web Site" -IP "*" -Port 443 -Protocol https
iisreset

2. Changes in my docker-compose.override.yml file: added port 443.

   version: '3.4'
     services:
       testapp.svc:
         ports:
           - "9091:80"
           - "9092:443"

3. Changes in my Dockerfile

    FROM microsoft/aspnet:4.7.1
    WORKDIR /inetpub/wwwroot
    EXPOSE 80 
    EXPOSE 443
    COPY index.html .
    COPY certificate.ps1 .
    RUN powershell.exe ./certificate.ps1

回答3:

I use centos 7.7

docker run -d -p 80:8082 -p 443:8083 myweb

http://localhost:8082/ -- Works fine https://localhost:8083/ -- Doesnt seem to work

**

• My Simple Docker file

** FROM nginx:latest

COPY index.html /usr/share/nginx/html COPY Cloud.jpg /usr/share/nginx/html

EXPOSE 80 EXPOSE 443

CMD ["nginx", "-g", "daemon off;"] ~

来源：https://stackoverflow.com/questions/50810165/run-docker-service-on-https