ykarikos/docker-ssl-proxy.md

## docker-ssl-proxy.md

      
    Raw
  

              docker-ssl-proxy.md
            
          
    Self-signed SSL reverse proxy with Docker

This is based on the marvellous blog posting by Oliver Zampieri.
This howto is written to create a self signed SSL NginX proxy on MacOS to

Expose proxy at local host port 5001
Connect the port 5001 to port 443 inside Docker
Proxy the port 443 to port 5000 on the host computer

This means that:

Your application should be listening on http://0.0.0.0:5000
Your application will be accessible at https://myhost.local:5001

Create the self signed certificate

We will use myhost.local as the hostname. You can change this.
$ mkdir docker-ssl-proxy
$ cd docker-ssl-proxy
$ openssl req -subj '/CN=myhost.local' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365

Edit /etc/hosts

Add this line in your /etc/hosts file
127.0.0.1 myhost.local

Create the NginX configuration file

Create proxy_ssl.conf file. This will work out of the box on MacOS and connect to your local application on port 5000.
server {
  listen 443 ssl;
  ssl_certificate /etc/nginx/conf.d/cert.pem;
  ssl_certificate_key /etc/nginx/conf.d/key.pem;
  location / {
     proxy_pass http://docker.for.mac.localhost:5000;
  }
}

Run the docker container

$ docker run --name nginx-proxy -d -v ${PWD}:/etc/nginx/conf.d -p 5001:443 nginx

Stop and restart the Docker container

docker stop nginx-proxy
docker start nginx-proxy

Remove the Docker container

docker kill nginx-proxy
docker rm nginx_proxy