Docker container certificate

I am installing some web services on my server with Docker containers and I need a certificate for an SSL-encrypted connection (https). Could I use the same certificate for multiple containers on the same server? For example, one of the containers is PGAdmin4 and another is R Studio Server. I need a procedure to manually create the certificates and then pass them to the container in its startup parameters.

My domain is: datascience.businessgrowth.com.ve

I ran this command: certbot certonly --manual

It produced this output:
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: datascience.businessgrowth.com.ve
Type: connection
Detail: 77.73.69.35: Fetching http://datascience.businessgrowth.com.ve/.well-known/acme-challenge/5CSQJQRN5vXltS_183Fn20s0y07v4cBM-NwLsX7Gzk0: Connection refused

Hint: The Certificate Authority failed to verify the manually created challenge files. Ensure that you created these in the correct location.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is embedded in a docker container

The operating system my web server runs on is (include version): Debian 11

I have total control of my VPS

certbot --version
certbot 1.31.0

Thank you

If you acquire the certificate on your host and store it somewhere then yes you can deploy it to anything that a certificate can be used for. They would all have to match names that are included on the certificate, so for instance if your cert is for datascience.businessgrowth.com.ve then each service would need to run on different ports, but you can configure the certificate for each as normal (see the docs for the type of service you are using as to how to set the certificate).

Your post above shows "77.73.69.35: Fetching http://datascience.businessgrowth.com.ve/.well-known/acme-challenge/5CSQJQRN5vXltS_183Fn20s0y07v4cBM-NwLsX7Gzk0: Connection refused", which would mean that domain validation failed trying to contact your server. If your server is running in Docker and you want to use HTTP validation within that, then you would need to make sure external HTTP (TCP port 80) requests are being routed/forwarded to that container.

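Added example, not part of either post above: a preflight check for the HTTP-01 path discussed in the reply, which tells "Connection refused" (nothing answering on port 80, for example the container port is not published) apart from a web server that answers but does not serve the challenge directory. The function name `check_http01` and the webroot path `/var/www/html` are assumptions for illustration; the webroot must be the host directory that the container serves.

```python
import http.client
import os
import secrets
import sys

CHALLENGE_DIR = ".well-known/acme-challenge"

def check_http01(host, webroot, port=80, timeout=5):
    """Write a random probe file under the challenge directory, fetch it over
    plain HTTP and return 'ok', 'connection refused', 'unreachable: ...',
    'http <status>' or 'wrong content'. The probe file is always removed."""
    token = "preflight-" + secrets.token_urlsafe(16)
    body = secrets.token_urlsafe(32)
    probe_dir = os.path.join(webroot, CHALLENGE_DIR)
    os.makedirs(probe_dir, exist_ok=True)
    probe_path = os.path.join(probe_dir, token)
    with open(probe_path, "w") as fh:
        fh.write(body)
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        try:
            conn.request("GET", f"/{CHALLENGE_DIR}/{token}")
            resp = conn.getresponse()
            data = resp.read().decode("utf-8", "replace")
        finally:
            conn.close()
    except ConnectionRefusedError:
        # Same symptom as the CA reported: no listener on the port, or the
        # container's port 80 is not forwarded from the host.
        return "connection refused"
    except (OSError, http.client.HTTPException) as exc:
        return f"unreachable: {exc}"
    finally:
        os.remove(probe_path)
    if resp.status != 200:
        # Redirects are not followed here, so a 301/302 is reported as-is.
        return f"http {resp.status}"
    return "ok" if data.strip() == body else "wrong content"

if __name__ == "__main__":
    # Domain taken from the question; the webroot path is a hypothetical default.
    name = sys.argv[1] if len(sys.argv) > 1 else "datascience.businessgrowth.com.ve"
    root = sys.argv[2] if len(sys.argv) > 2 else "/var/www/html"
    print(check_http01(name, root))
```

A pass when run on the server itself shows that port publishing and the webroot mapping are correct; it does not rule out a firewall between the certificate authority and the server.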
