Skip to content
/ DockerMkcertForLocalSSL Public

A dockerfile containing ngnix configuration to use a local certificate authority (CA) created with mkcert

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

PixsysBE/DockerMkcertForLocalSSL

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
App.Proxy
App.Proxy
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

DockerMkcertForLocalSSL

This repository contains a basic implementation of nginx Docker image with mkcert, a simple tool for making locally-trusted development certificates.

It removes the hassle of creating self-signed certificates that can cause trust errors on your browsers. Simply add the app.proxy configuration in your docker-compose.yml and copy the App.Proxy folder, and you're good to go !

Installation

  1. Copy/Paste the App.Proxy folder and its files into your project.
  2. Edit your docker-compose.yml and copy/paste the app.proxy settings.
  3. Rename some values located in docker-compose.yml and nginx.conf
  4. Read these warnings carefully

Remember that mkcert is meant for development purposes, not production, so it should not be used on end users' machines, and that you should not export or share rootCA-key.pem.

Warning: the rootCA-key.pem file that mkcert automatically generates gives complete power to intercept secure requests from your machine. Do not share it.

Trusting your local CA in your system

For all your future local certificates to be trusted, you need to import the root certificate on your host (local system) so they will be valid and recognized in your browsers. Please refer to the following installation section to get it done.

Installation

  1. Uncomment the lines marked with [*] in docker-compose.yml and Dockerfile.
  2. Build the app.proxy container with docker-compose:
docker-compose up app.proxy --build

  1. A rootCA folder is created containing your rootCA-key.pem

  2. Install the root certificate on your host :

Windows

1. Run mmc.exe 
2. File > Add Snap-In > Certificates (computer account)
3. Import rootCA-key.pem  
4. Right-click on the "Trusted Root Certification Authorities" folder and select "All Tasks > Import"

macOS

1. Open Keychain Access
2. Add rootCA-key.pem 
3. Mark it as approved

Linux

1. Add it to /etc/ssl/certs/ 
2. Update the certificates with:
```bash
    sudo cp rootCA-key.pem /usr/local/share/ca-certificates/
    sudo update-ca-certificates
```
  1. Restart browser to make it effective

Warning: Once you imported the rootCA-key.pem in your host, re-comment/delete the lines marked with [*] in docker-compose.yml and Dockerfile.

About

A dockerfile containing ngnix configuration to use a local certificate authority (CA) created with mkcert

Topics

docker nginx ssl dockerfile local docker-compose nginx-proxy ssl-certificate local-development ssl-proxy mkcert certficate

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages