Docker nginx cannot load certificate "/etc/nginx/certs/***"

Hello,

i’m new on docker.

I try to build 2 containers with docker-compose. I like to serve my app via https. For this purpose i use nginx and this tutorial.

After command docker-compose run it prints an error:

nginx-server | 2019/12/15 17:33:22 [emerg] 1#1: cannot load certificate “/etc/nginx/certs/myRoot.cert”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’/etc/nginx/certs/myRoot.cert’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)
nginx-server | nginx: [emerg] cannot load certificate “/etc/nginx/certs/myRoot.cert”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’/etc/nginx/certs/myRoot.cert’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)
nginx-server exited with code 1

docker-compose.yml

version: "3.7"
services:
  app:
    build:
      context: ./
      dockerfile: app.dockerfile
    working_dir: /var/www
    volumes:
      - ./../laravel:/var/www
    container_name: laravel-app
  web:
    build:
      context: ./
      dockerfile: nginx.dockerfile
    working_dir: /var/www
    volumes:
      - ../laravel:/var/www
      - ./vhost.conf:/etc/nginx/conf.d/vhost.conf
      - ../ssl_zertificate:/etc/nginx/certs
    ports:
      - "80:80"
      - "443:443"
    depends_on:
      - app
    container_name: nginx-server

For my understand understand,this line has to do the job: mount the ssl folder to the folder in the nginx container?..

...
    - ../ssl_zertificate:/etc/nginx/certs
...

app.dockerfile

FROM php:7.3-fpm
RUN apt-get update \
    && apt-get install -y libzip-dev git mariadb-client libmagickwand-dev --no-install-recommends
RUN docker-php-ext-install pdo_mysql zip \
    && pecl install imagick \
    && docker-php-ext-enable imagick \
    && php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" \
    && php composer-setup.php \
    && php -r "unlink('composer-setup.php');" \
    && mv composer.phar /usr/local/bin/composer

In this file i added COPY as intention from this recommendation (with the same result)

nginx.dockerfile

FROM nginx
COPY ./../ssl_zertifite /etc/nginx/certs
COPY vhost.conf /etc/nginx/conf.d/vhost.conf

vhost.conf

server {
    listen 443 ssl;
    index index.php index.html;
    root /var/www/public;
    server_name docker-laravel-tut.local;
    ssl_certificate /etc/nginx/certs/myRoot.cert;
    ssl_certificate_key /etc/nginx/certs/myRoot.key;

    location / {
        try_files $uri /index.php?$args;
    }

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass app:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
    }
}

Done, the file inside vhost.conf was named wrong:
***.cert correctly named ***.crt

Now it works :slight_smile:

1 Like