Hello,
I started to use Docker for my app development. I’m trying to configure SSL with Docker + MySql + phpmyadmin.
My goal is to create a service (using https) which will have several API’s where the client (mobile application will be able to send/receive data to/from). From what I found online there are no good tutorials which can explain on how to achieve this functionality.
This is what I gathered so far:
# ./docker-compose.yml
version: '3'
services:
db:
image: mysql:5.7
environment:
MYSQL_ROOT_PASSWORD: my_secret_pw_shh
MYSQL_DATABASE: test_db
MYSQL_USER: devuser
MYSQL_PASSWORD: devpass
ports:
- "9906:3306"
web:
image: php:7.2.2-apache
container_name: php_web
depends_on:
- db
volumes:
- ./php/:/var/www/html/
ports:
- "8100:80"
stdin_open: true
tty: true
#generate-certificates.sh
#!/bin/bash
mkdir -p ssl
docker run --rm --entrypoint=/bin/sh -v ./ssl:/ssl -w /ssl -u $(id -u):$(id -g) alpine/openssl -c "$(cat <<'EOL'
echo "Generating root certificate of certification authority .."
openssl genrsa -out root-ca.key 2048
openssl req -x509 -new -nodes -key root-ca.key -sha256 -days 365 -out root-ca.cert -subj "\
/C=DE\
/ST=Berlin\
/L=Berlin\
/O=3Maj Company\
/CN=3Maj Local CA\
/emailAddress=3maj@t-online.de\
"
echo "Generating end-entity certificate for host 'localhost' .."
openssl genrsa -out ssl-cert-snakeoil.key 2048
openssl req -new -key ssl-cert-snakeoil.key -out ssl-cert-snakeoil.csr -subj "\
/C=DE\
/ST=Berlin\
/L=Berlin\
/O=3Maj Company\
/CN=localhost\
/emailAddress=3maj@t-online.de\
"
echo >ssl-cert-snakeoil.ext
echo >>ssl-cert-snakeoil.ext authorityKeyIdentifier=keyid,issuer
echo >>ssl-cert-snakeoil.ext basicConstraints=CA:FALSE
echo >>ssl-cert-snakeoil.ext keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
echo >>ssl-cert-snakeoil.ext subjectAltName = @alt_names
echo >>ssl-cert-snakeoil.ext
echo >>ssl-cert-snakeoil.ext [alt_names]
echo >>ssl-cert-snakeoil.ext DNS.1 = localhost
openssl x509 -req -in ssl-cert-snakeoil.csr -CA root-ca.cert -CAkey root-ca.key -CAcreateserial \
-out ssl-cert-snakeoil.cert -days 365 -sha256 -extfile ssl-cert-snakeoil.ext
rm ssl-cert-snakeoil.ext
EOL
)"
The script is working and generate the according certs for SSL, although I'm not sure how to combine it with the docker yml file and how to use those certs to configure ssl with phpmyadmin to establish https connection.
I'm sorry in advance if I post it in the wrong section, it's my first post here :))
I will appreciate it, If someone can explain what should I do next or share a guide on how to achieve this functionality that I'm looking for.