gwweb and certificates

How is the way to add a 'official' certificate to gwweb?

I have a gwweb container running. It creates a new selfsigned certificate each time it is started. Perfect for quick start!

But now I want to use a certificate which is signed by a 'official' CA. Where I have to place this? At now I have placed it in /opt/novell/gw. So it was accessible in /etc/nginx/gw at the container. But is is not used. I assume that this is the wrong location for the certificate.

 

BTW: Maybe MF want to create a new label for gwweb to makes a difference between WebAccess and gwweb?

Tags:

  • OK, it seem that the certs have to be in /certs at the container. Then it is possible to restart the nginx (nginx -s restart) and they wil used. Even a docker container restart they will survive. But a stop and then a new start of the docker image clears them ...

    It seems it has to be an addition step to get these change permanent.
  • Verified Answer

    One solution can be to let the docker image unchanged and add the location for the certificate:
    Copy the key and cert-file to a location at your choice and rename them to server.key and server.crt. Then start the image with:
    docker run -d --rm -v /opt/novell/gw:/etc/nginx/gw -v /etc/docker/gw/certs:/certs --name gwweb -e FQDN=mail.example.com -e DNS_SERVER=10.0.0.1 -p 80:80 -p 443:443 mfgroupwise/web:18.2.0-135318
    This link the directory /etc/docker/gw/certs to the directory /certs in the container when the image is started.