如何在Docker容器中的Tomcat上启用HTTPS? [英] How to enable HTTPS on Tomcat in a Docker Container?

问题描述

我是Tomcat和Docker的新手，并且在尝试在我的网站上启用https时陷入困境.首先在服务器上，而不在任何容器中:

I'm new to Tomcat and Docker, and am stuck trying to enable https on my website. First on the server, not in any container:

a)我生成了一个CSR

a) I generated a CSR

b)获得了商业SSL证书

b) Acquired a commercial SSL certificate

c)将证书放置在服务器/etc/docker/certs上的文件夹中

c) Placed the certificates in a folder on the server /etc/docker/certs

d)然后使用以下配置创建我的Docker容器

d) Then created my Docker containers with the configuration below

我可以使用命令 docker exec -it< container-id>sh 来浏览我的容器.我可以编辑 server.xml 和 web.xml ，但是我知道，如果我希望https配置能够持久保存在各个容器之外，则应该在容器外部的操作系统级别安装证书.换句话说，我应该能够删除一个容器，并创建另一个容器，而无需重新安装ssl.

I can use the command docker exec -it <container-id> sh to navigate my container. I can edit server.xml and web.xml but I realize I should install the certificates at the OS level outside the container if I want https configuration to persist past individual containers. In other words, I should be able to remove a container, and create another one without needing to reinstall the ssl.

我该怎么做?有任何想法吗?.提前致谢！以下是我的配置:

How can I do this? Any ideas?. Thanks in advance! Below are my configurations:

1.数据库

docker run -d --name=example-db --restart=always --net=example-net --mount type=volume,src=mydbdata,target=/example-db --hostname=example-db -e POSTGRES_DB=mydb -e POSTGRES_USER=myuser -e POSTGRES_PASSWORD=secret myapp/db

2.应用程序

docker run -d --name=example-app --restart=always --mount type=volume,src=mydata,target=/example-app -p 80:8080 --net=example-net -e DB_HOST=example-db -e DB_NAME=mydb -e DB_USER=myuser -e DB_PASSWORD=secret myapp/myapp

再次感谢您的帮助.艺术

Again thanks for your help. Art

推荐答案

您可以使用

You can map the external certs into a container at docker run time using bind mounts. Assuming your certs are in /etc/docker/certs on the host, and you want them to be at /etc/ssl/certs in the container, then add either of the following:

-v /etc/docker/certs:/etc/ssl/certs:ro

或

--mount type=bind,src=/etc/docker/certs,dst=/etc/ssl/certs,readonly

在这种情况下，您的Tomcat配置将使用/etc/ssl/certs 作为其路径.

Your Tomcat config would use /etc/ssl/certs as its path in this case.

这篇关于如何在Docker容器中的Tomcat上启用HTTPS?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！