I tried to build certificate files for some docker containers using, it looks like it doesn't work


#1

My domain is:
test.testapp.win

My web server is (include version):
Docker containers with Apache 2.x & PHP 5.7

The operating system my web server runs on is (include version):
CentOS 7
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I tried to build letsencrypt files on the host, and I tried to build them for some docker containers. I have built the letsencrypt files in /etc/letsencrypt/live/mydomain/ successfully with the -standalone parameter. My problem was that when my containers used these files, it didn’t work: Apache was stuck when I tried to access it with https. I also tried using these files within a container running Tomcat 8.5, and it didn’t work either; it just got stuck, and I’m not able to access Tomcat with https,
until I built the letsencrypt files within the docker containers, then it would work fine.
Any idea what I have done wrong? Thanks


#2

Hi,

Could you please elaborate on “stuck”?

Thank you


#3

Well, it just keeps loading the page when I try to access it with https, and I have been waiting so long and it looks like it never finishes loading. Thanks in advance


#4

The strange thing was that when I logged in to the container and built the letsencrypt files inside the container, where I didn’t use the docker -v /etc/letsencrypt/live/mydomain/ command to share my certificate but used docker run -it containername /bin/bash instead, and built it within the container, it works fine.
My problem was that the certificate files need to be shared with another container, which is Tomcat. I have no idea how to share the files such as the private key and certificate files if I do so.


#5

I’m not familiar with containers, but I know that if you do not destroy the container on a regular basis (aka not destroy the container once per week / month), you could just request the certificate inside the container…

For the loading part, is the certificate already sent and then the webpage stalls? Or are neither the certificate nor the contents sent?

Thank you


#6

Thanks for replying.
I found the problem was that the pem files could not be read within the container; please take a look at this.

The stuck situation was:

This site can’t be reached

test.testapp.win took too long to respond.

Try:

ERR_TIMED_OUT

I tried to verify the pem files within the containers with OpenSSL; it failed even though they literally exist.
Take a look at this:

root@29bed69b4aae:/etc/letsencrypt/live/test.testapp.win# openssl verify privkey.pem
Can’t open privkey.pem for reading, No such file or directory
140351293908224:error:02001002:system library:fopen:No such file or directory:…/crypto/bio/bss_file.c:74:fopen(‘privkey.pem’,‘r’)
140351293908224:error:2006D080:BIO routines:BIO_new_file:no such file:…/crypto/bio/bss_file.c:81:
unable to load certificate

Any idea how to fix this problem? Thanks
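
One possible cause of "No such file or directory" on a file that is listed in the directory: certbot's `live/<domain>/*.pem` entries are symlinks into `../../archive/<domain>/`, so a container that only sees `live/<domain>` gets dangling links. The check below is an added example, not part of the original thread; the function names and the `example.test` sample tree are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report *.pem entries that exist as names but cannot be opened.

# check_pem_dir DIR: prints one status line per *.pem, returns 1 if any is unusable.
check_pem_dir() {
    local dir=$1 rc=0 f
    for f in "$dir"/*.pem; do
        if [ -L "$f" ] && [ ! -e "$f" ]; then
            # Symlink whose target is not visible from this filesystem view
            echo "DANGLING   $f -> $(readlink "$f")"
            rc=1
        elif [ ! -e "$f" ]; then
            echo "MISSING    $f"    # the glob matched nothing
            rc=1
        elif [ ! -r "$f" ]; then
            echo "UNREADABLE $f"    # permissions block the current user
            rc=1
        else
            echo "OK         $f"
        fi
    done
    return $rc
}

# make_sample_tree ROOT: constructed stand-in for certbot's live/ + archive/ layout.
make_sample_tree() {
    local root=$1 d=example.test n
    mkdir -p "$root/archive/$d" "$root/live/$d"
    for n in cert chain fullchain privkey; do
        echo "constructed placeholder" > "$root/archive/$d/${n}1.pem"
        ln -s "../../archive/$d/${n}1.pem" "$root/live/$d/$n.pem"
    done
}

demo() {
    local tmp; tmp=$(mktemp -d)
    make_sample_tree "$tmp/etc"
    echo "# whole tree visible:"
    check_pem_dir "$tmp/etc/live/example.test"
    # Simulate a container that only has live/<domain> shared into it.
    mkdir -p "$tmp/ctr/live"
    cp -a "$tmp/etc/live/example.test" "$tmp/ctr/live/"
    echo "# only live/<domain> visible:"
    check_pem_dir "$tmp/ctr/live/example.test" || true
    rm -rf "$tmp"
}
demo
```

Inside a container, run `check_pem_dir` against the mounted certificate directory; if the entries show as DANGLING, sharing the parent directory that holds both `live/` and `archive/` (read-only) keeps the link targets reachable.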