dockercompose-springboot-nginx icon indicating copy to clipboard operation
dockercompose-springboot-nginx copied to clipboard

Published 20 hours ago verified publisher icon hellokoding

How to configure ngnix with ssl certificates for two or more api rest with docker and spring boot

Open cesarjv opened this issue 4 years ago • 0 comments

Good afternoon I am working with ngnix as a reverse proxy, and with spring boot to develop api rest, all raising with docker, the question is that I need to work with secure https, for which I create my self-signed certificates as detailed below:

Prepare my certificates with openssl:

#!/bin/bash
echo "Generating an SSL private key to sign your certificate..."
openssl genrsa -des3 -out myssl.key 1024
 
echo "Generating a Certificate Signing Request..."
openssl req -new -key myssl.key -out myssl.csr
 
echo "Removing passphrase from key (for nginx)..."
cp myssl.key myssl.key.org
openssl rsa -in myssl.key.org -out myssl.key
rm myssl.key.org
 
echo "Generating certificate..."
openssl x509 -req -days 365 -in myssl.csr -signkey myssl.key -out myssl.crt

2020-06-19_20-42-06-df3e7a8f6f448f7b1734c088c9148ce9

My directory where is my applications and docker-compose yml file:

directorio aplciacion

My Docker Compose:

version: '3'
services:
  nginx:
   container_name: ngnix
   image: nginx:1.13
   restart: always
   ports:
   - 37004:80
   - 37005:443
   volumes:
   - ./nginx-conf.d:/etc/nginx/conf.d
   - ./data-cert:/certs
   depends_on:
   - app
   - app2

  app:
    image: prueba-https
    container_name: prueba-https
    restart: unless-stopped
    build:
      context: ./app
      dockerfile: Dockerfile
    expose:
      - "8080"
    ports:
      - 37006:8080

  app2:
    image: prueba-https-2
    container_name: prueba-https-2
    restart: unless-stopped
    build:
      context: ./app2
      dockerfile: Dockerfile
    expose:
      - "8080"
    ports:
      - 37007:8080

Internally (not on the host) I am exposing the containers by port 8080, as seen in the yml file, I don't know if this can be done to configure ssl, or if app2 should expose it on port 8081, for example, they would like help me clarify that.

Inside the nginx-conf.d folder I have my app.conf file, which is in the volume defined in my docker-compose yml file:

directorio nginx

app.conf

server { 
    listen *:80; 
    return 301 https://$host$request_uri; 
} 

server { 
      listen 443 ssl; 
      ssl on; ssl_certificate /certs/myssl.crt; 
       ssl_certificate_key /certs/myssl.key; 
}

My containers raised

docker ps

All good so far, but when I am going to test the api rest in postman, with the container that rises on port 37006 everything is fine with https, but with the port that rises on port 37007 I cannot use https:

HTTPS Ok (37006)

https ok

Bad HTTPS (37007)

https bad

What am I doing wrong?

I am not using domain, in my company the api are handled as I show, using the POST method always

Should I generate a certificate for each application individually?

Should I expose my app2 application on port 8081, example?

I'm totally new to ngnix and I couldn't find a solution to this problem

cesarjv avatar Jun 27 '20 01:06 cesarjv