Hi,
I’m quite new to docker.
At the moment I’m using Rockstor als my Home NAS-System. Rockstor uses Docker to implement Plugins like owncloud, plex …
The Containers run with specific Ports (e.g. owncloud 8080).
The developer of Rockstor provided an adjusted docker image for owncloud. At the moment I’m testing the official one.
But I have trouble to access it via https.
When I try to access https://MyIP:8080 I get SSL_ERROR_RX_RECORD_TOO_LONG when using Firefox.
I already tried to get new certificates with openssl. This works, but anyway I’ll get this error. After lot of trying and testing I startet to download apache2 in my owncloud container and edited /etc/apache2/sites-enabled/default-ssl.conf
The problem is that I can’t find the correct way to define my host.
Right now it looks like this:
ServerAdmin webmaster@localhost ServerName 192.168.1.111:8013 DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf
# SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing # the ssl-cert package. See # /usr/share/doc/apache2/README.Debian.gz for more info. # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed. SSLCertificateFile /etc/apache2/ssl/apache.pem SSLCertificateKeyFile /etc/apache2/ssl/apache.key
# Server Certificate Chain: # Point SSLCertificateChainFile at a file containing the # concatenation of PEM encoded CA certificates which form the # certificate chain for the server certificate. Alternatively # the referenced file can be the same as SSLCertificateFile # when the CA certificates are directly appended to the server # certificate for convinience. #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
# Certificate Authority (CA): # Set the CA certificate verification path where to find CA # certificates for client authentication or alternatively one # huge file containing all of them (file must be PEM encoded) # Note: Inside SSLCACertificatePath you need hash symlinks # to point to the certificate files. Use the provided # Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/ssl/certs/ #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
# Certificate Revocation Lists (CRL): # Set the CA revocation path where to find CA CRLs for client # authentication or alternatively one huge file containing all # of them (file must be PEM encoded) # Note: Inside SSLCARevocationPath you need hash symlinks # to point to the certificate files. Use the provided
Am I thinking right, when I try to edit the ssl setting IN the specific docker and not on the system itself (The Web-GUI from Rockstor works with Selfsigned Certificate on Port 443) ?
How can I specify the settings for my container correctly?
It would be really great if anyone could help me with this.
Thanks in advance.
Mark