Login/Register
How do I get docker cloud (formerly tutum) and haproxy to use SSL?
Asked Answered
Solved sslhaproxy
E

1

9

I just purchased an SSL Certificate. It came with 1 server certificate, 1 intermediate certificate and 1 root certificate.

I have my *.csr file and *.key used to create the certificates.

I am using Tutum with HAProxy and there is a SSL_CERT environment variable. I read the documentation but could not get it to work properly. How do I set this SSL_CERT environment variable?

Entomophagous answered 9/2, 2015 at 5:5 Comment(0)
I
17

I am the maintainer of the tutum/haproxy image. To use SSL_CERT, you need a file containing both your public certificate(your.crt) and private key(your.key). You can do as follows:

cp your.key cert.pem cat your.crt >> cert.pem

Then, you can run: awk 1 ORS='\\n' ~/cert.pem.

Copy the output to SSL_CERT

Done

Internment answered 21/4, 2015 at 16:44 Comment(6)
Yeah, this is what I figured out and was able to get things working. Thanks for writing the answer for others.Entomophagous
There might be a slight typo in that it's cat your.crt >> cert.pem not .csr which is the certificate signing file.Portwin
@Portwin yes. I have changed the name of the certificate. Thank you.Internment
cannot get this to work.... copied the output of snakeoil files as above to env variable in apahche/php/unbuntu container (using docker-compose)... also tried putting it in env vars for haproxy (both with and without DEFAULT_)... I have also set vhost bit... any way I try this I cannot get it working :(Cero
So it looks like it was just the VIRTUAL_HOST needed to proceed with https:// So proceed VIRTUAL_HOST with https and set SSL_CERT as per above in your linked application container. Happy boy :)Cero
There is a good complete example here that worked for me: github.com/tutumcloud/haproxy/issues/130#issuecomment-174492191Bister

© 2022 - 2024 — McMap. All rights reserved.