Adding TLS certificates in CHT 4.x
To load your certificates into your CHT instance, we’ll be creating an interstitial container called
cht-temp-tls which will enable you to copy your local certificate files into the native docker volume.
You have two files locally on your workstation in the directory you’re currently in:
key.pem- the private key for your TLS certificate
chain.pem- both the public and any interstitial keys concatenated into one file
Also, be sure you have started your CHT instance once and all your volumes are created.
Loading the certificate
docker composeshould work, but you may need to use the older style
docker-composeif you get an error
docker: 'compose' is not a docker command.
Find the name of your
cht-sslvolume with this call:
docker volume ls --filter "name=cht_" | grep cht-ssl
It is very likely that
cht_cht-sslis the name of our
Using the volume name found in step 1, start a container called
tempwhich allow us to copy files into the docker volume:
docker run -d --rm --name temp -v cht_cht-ssl:/etc/nginx/private/ alpine tail -f /dev/null
Copy the two pem files into the volume via the temporary container:
docker cp key.pem temp:/etc/nginx/private/. docker cp cert.pem temp:/etc/nginx/private/.
docker kill temp
Your certificates are now safely stored in the native docker volume. Restart your CHT instance the way you started it, being sure to set the correct
SSL_VOLUME_MOUNT_PATH per the prerequisites.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.