如何在Docker容器中的Tomcat上启用HTTPS? [英] How to enable HTTPS on Tomcat in a Docker Container?
问题描述
我是Tomcat和Docker的新手,并且在尝试在我的网站上启用https时陷入困境.首先在服务器上,而不在任何容器中:
I'm new to Tomcat and Docker, and am stuck trying to enable https on my website. First on the server, not in any container:
a)我生成了一个CSR
a) I generated a CSR
b)获得了商业SSL证书
b) Acquired a commercial SSL certificate
c)将证书放置在服务器/etc/docker/certs上的文件夹中
c) Placed the certificates in a folder on the server /etc/docker/certs
d)然后使用以下配置创建我的Docker容器
d) Then created my Docker containers with the configuration below
我可以使用命令 docker exec -it< container-id>sh
来浏览我的容器.我可以编辑 server.xml
和 web.xml
,但是我知道,如果我希望https配置能够持久保存在各个容器之外,则应该在容器外部的操作系统级别安装证书.换句话说,我应该能够删除一个容器,并创建另一个容器,而无需重新安装ssl.
I can use the command docker exec -it <container-id> sh
to navigate my container. I can edit server.xml
and web.xml
but I realize I should install the certificates at the OS level outside the container if I want https configuration to persist past individual containers. In other words, I should be able to remove a container, and create another one without needing to reinstall the ssl.
我该怎么做?有任何想法吗?.提前致谢!以下是我的配置:
How can I do this? Any ideas?. Thanks in advance! Below are my configurations:
1.数据库
docker run -d --name=example-db --restart=always --net=example-net --mount type=volume,src=mydbdata,target=/example-db --hostname=example-db -e POSTGRES_DB=mydb -e POSTGRES_USER=myuser -e POSTGRES_PASSWORD=secret myapp/db
2.应用程序
docker run -d --name=example-app --restart=always --mount type=volume,src=mydata,target=/example-app -p 80:8080 --net=example-net -e DB_HOST=example-db -e DB_NAME=mydb -e DB_USER=myuser -e DB_PASSWORD=secret myapp/myapp
再次感谢您的帮助.艺术
Again thanks for your help. Art
推荐答案
You can map the external certs into a container at docker run
time using bind mounts. Assuming your certs are in /etc/docker/certs
on the host, and you want them to be at /etc/ssl/certs
in the container, then add either of the following:
-v /etc/docker/certs:/etc/ssl/certs:ro
或
--mount type=bind,src=/etc/docker/certs,dst=/etc/ssl/certs,readonly
在这种情况下,您的Tomcat配置将使用/etc/ssl/certs
作为其路径.
Your Tomcat config would use /etc/ssl/certs
as its path in this case.
这篇关于如何在Docker容器中的Tomcat上启用HTTPS?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!