16
30

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

自己署名証明書でhttpsアクセスができるコンテナ

Last updated at Posted at 2018-10-12

1. 鍵の作成

mkdir certs; cd certs

# 1.秘密鍵
openssl genrsa -out server.key 3072

# 2. csr
openssl req -new -key server.key -out server.csr -subj "/CN=example.com"

# 3. csrを署名したcrt
openssl x509 \
 -req \
 -in server.csr \
 -days 36500 \
 -signkey server.key > server.crt
動作確認
openssl \
 s_server \
 -tls1_2 \
 -accept 443 \
 -www \
 -cert server.crt \
 -key server.key 

2. Apache 2.4 コンテナ

httpd.conf

httpd.conf
# 追記

LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
Include conf/extra/httpd-ssl.conf

実行

run.sh
docker run --rm -it --name https \
 -p 443:443 \
 -p 80:80 \
 -v $(pwd)/conf/httpd.conf:/usr/local/apache2/conf/httpd.conf \
 -v $(pwd)/conf/server.crt:/usr/local/apache2/conf/server.crt \
 -v $(pwd)/conf/server.key:/usr/local/apache2/conf/server.key \
 httpd:2.4

3. nginx コンテナ

設定

ssl.conf
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server {
    listen 443;
    ssl on;
    #server_name       www.example.com;
    ssl_certificate     /etc/nginx/certs/server.crt;
    ssl_certificate_key /etc/nginx/certs/server.key;
    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }
}

実行

run.sh
docker run --rm -it --name ssl \
 -p 43:443 \
 -p 80:80 \
 -v $(pwd)/certs/:/etc/nginx/certs/ \
 -v $(pwd)/ssl.conf:/etc/nginx/conf.d/ssl.conf \
 nginx
16
30
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
16
30

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?