Enabling SSL on Docker - Signer
Stop the stack (if already running):
docker stack rm signer
Store the certificate and key files as secrets (replace signer.pem and signer.key below with your certificate and key files):
docker secret create signer_ssl_cert signer.pem
docker secret create signer_ssl_cert_key signer.key
Edit the Docker compose file:
nano signer-stack.yml
Uncomment the following entries:
...
secrets:
...
# Uncomment to enable SSL
signer_ssl_cert:
external: true
signer_ssl_cert_key:
external: true
...
services:
...
nginx:
...
# Uncomment to enable SSL
secrets:
- signer_ssl_cert
- signer_ssl_cert_key
ports:
- "80:80"
# Uncomment to enable SSL
- "443:443"
...
Edit the Nginx configuration file:
nano signer-proxy.conf
Uncomment the following entries:
...
# Uncomment to enable SSL
listen 443 ssl;
ssl_certificate /run/secrets/signer_ssl_cert;
ssl_certificate_key /run/secrets/signer_ssl_cert_key;
...
Edit the Signer configuration file:
nano signer.json
Make the following changes:
- Section Bindings
- HttpsMode: change to
RedirectPages
to redirect to HTTPS users accessing the dashboard on HTTP
- HttpsMode: change to
- Section General
- SiteUrl: change the protocol of the URL to
https
, e.g. https://signer.patorum.com
- SiteUrl: change the protocol of the URL to
Deploy the stack with the new configurations:
docker stack deploy -c signer-stack.yml signer