!!! After you create and combine the certificate as shown in the tutorial, you must set “chmod 600” on the certificate. It will work, but when I execute “systemctl status rvice” it warns me that for security /etc/stunnel/stunnel.

cert = pkcs11:token=MyToken object=MyCert

But you should know which port this app needs to connect to, and also when you install it you need the IP address.

And here is the stunnel configuration in my case:

Accept = 60023 # The port you want to connect from outside #
Connect = 172.17.0.5:8080 # the IP of the container and default port #

located in the Windows certificate store Encrypted HTTP proxy authenticated with a client certificate

This is actually the server configuration. The client configuration should look like this. I am actually not sure of that, I am going to test it today or tomorrow.

On Windows you just installed it, adding 4 lines of code, and that’s it. But on Linux you should have a server also, I think, in order to forward ports to the client.

I am using it on blueiris security camera software to encrypt the web UI, but on Windows I had no idea how to do this on Linux and how I know.

If you create your own containers that’s possible, but if you are dependent on other container builders that will be almost impossible.

From what I understand it is just forwarding ports, and that way you can encrypt almost anything.

If you want to add a certificate to containers natively you need to rebuild your containers and add a certificate to each container.

Some examples: Traefik, SWAG (from linuxserver.io) or NGINX; all these are available as Docker containers.

At the moment I’m experimenting with Traefik. The above features are also available via other options. This combination makes it possible to connect over HTTPS to all containers. And I’m able to add a certificate to each CNAME URL. And to redirect that CNAME to the corresponding Docker container I use the reverse proxy feature of my Synology. I configured for each Docker container a separate CNAME record.
I do have a domain name and am able to manage my own DNS settings at my ISP (A record, CNAME records etc). In my home environment I use a Synology NAS with Docker on it.

Start the python dev server: $ HTTPS=1 python bin/runserver.py 0.0.0.

But as far as I know you need some kind of a domain name to be able to register certificates.