Skip to content

How to configure ngnix with ssl certificates for two or more api rest with docker and spring boot #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cesarjv opened this issue Jun 27, 2020 · 0 comments
Open

How to configure ngnix with ssl certificates for two or more api rest with docker and spring boot #4

cesarjv opened this issue Jun 27, 2020 · 0 comments

Comments

@cesarjv
Copy link

cesarjv commented Jun 27, 2020

Good afternoon I am working with ngnix as a reverse proxy, and with spring boot to develop api rest, all raising with docker, the question is that I need to work with secure https, for which I create my self-signed certificates as detailed below:

Prepare my certificates with openssl:

#!/bin/bash
echo "Generating an SSL private key to sign your certificate..."
openssl genrsa -des3 -out myssl.key 1024
 
echo "Generating a Certificate Signing Request..."
openssl req -new -key myssl.key -out myssl.csr
 
echo "Removing passphrase from key (for nginx)..."
cp myssl.key myssl.key.org
openssl rsa -in myssl.key.org -out myssl.key
rm myssl.key.org
 
echo "Generating certificate..."
openssl x509 -req -days 365 -in myssl.csr -signkey myssl.key -out myssl.crt

2020-06-19_20-42-06-df3e7a8f6f448f7b1734c088c9148ce9

My directory where is my applications and docker-compose yml file:

directorio aplciacion

My Docker Compose:

version: '3'
services:
  nginx:
   container_name: ngnix
   image: nginx:1.13
   restart: always
   ports:
   - 37004:80
   - 37005:443
   volumes:
   - ./nginx-conf.d:/etc/nginx/conf.d
   - ./data-cert:/certs
   depends_on:
   - app
   - app2

  app:
    image: prueba-https
    container_name: prueba-https
    restart: unless-stopped
    build:
      context: ./app
      dockerfile: Dockerfile
    expose:
      - "8080"
    ports:
      - 37006:8080

  app2:
    image: prueba-https-2
    container_name: prueba-https-2
    restart: unless-stopped
    build:
      context: ./app2
      dockerfile: Dockerfile
    expose:
      - "8080"
    ports:
      - 37007:8080

Internally (not on the host) I am exposing the containers by port 8080, as seen in the yml file, I don't know if this can be done to configure ssl, or if app2 should expose it on port 8081, for example, they would like help me clarify that.

Inside the nginx-conf.d folder I have my app.conf file, which is in the volume defined in my docker-compose yml file:

directorio nginx

app.conf

server { 
    listen *:80; 
    return 301 https://$host$request_uri; 
} 

server { 
      listen 443 ssl; 
      ssl on; ssl_certificate /certs/myssl.crt; 
       ssl_certificate_key /certs/myssl.key; 
}

My containers raised

docker ps

All good so far, but when I am going to test the api rest in postman, with the container that rises on port 37006 everything is fine with https, but with the port that rises on port 37007 I cannot use https:

HTTPS Ok (37006)

https ok

Bad HTTPS (37007)

https bad

What am I doing wrong?

I am not using domain, in my company the api are handled as I show, using the POST method always

Should I generate a certificate for each application individually?

Should I expose my app2 application on port 8081, example?

I'm totally new to ngnix and I couldn't find a solution to this problem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cesarjv