Skip to main content
Generate your own certs, and place the .crt and .key file into where you pointed “/etc/ssl/private/” in your docker-compose.yml. Use the WEB container itself to make them.
Edit the docker compose to keep the container running by adding/changing the following for the web container:\
Starting with “restart” change that to “no” for this add the 3 lines following it:

    restart: no
    command: tail -f /dev/null
    stdin_open: true
    tty: true

Then “docker ls” to list to containers and their IDs
”docker exec -itu0 <docker container ID> /bin/sh   \
Then run “apk update && apk install openssl”

If you get an error you may need to do the following:

sed -i ‘s/^https:/http:/’ /etc/apk/repositories
apk update
apk add —no-cache ca-certificates openssl
update-ca-certificates
apk update && apk install openssl

Once that is installed you should be able to run: \
openssl req -newkey rsa:2048 -x509 -nodes -keyout /etc/ssl/private/nginx-cert.key -new -out /etc/ssl/certs/nginx-cert.crt -subj /CN=$IP_ACCESS -config /usr/share/nginx/san.conf -reqexts SAN -extensions SAN -sha256 -days 365\
If you get a file not found, create the san.conf with the following contents:

[ req ]
default_bits        = 2048
distinguished_name  = req_distinguished_name
req_extensions      = SAN
extensions          = SAN
[ req_distinguished_name ]
countryName         = US
stateOrProvinceName = Washington
localityName        = Seattle
organizationName    = Taqtile
[SAN]
subjectAltName      = IP:$IP_ACCESS
extendedKeyUsage    = serverAuth
basicConstraints    = CA:TRUE,pathlen:0

Then point the command to that file (the -config option)