I'm trying to set up SSL certificates for NGINX running in a Docker container, but I keep running into a problem. I want to use Let's Encrypt for my certificates, but it seems that NGINX needs to be running and configured with SSL certificates before I can actually get the certificates from Let's Encrypt. My setup has a Node.js server running on port 3000, and I'd like to have NGINX in another Docker container act as a reverse proxy for that server. How can I break this loop where NGINX needs SSL to start, but I need NGINX running to obtain the SSL certificates?
3 Answers
You can set up your NGINX container to just listen on port 80 initially. Start the container without any SSL configuration, then run Let's Encrypt to automatically generate the certificate and set up the redirect from port 80 to 443 for you. This way, you won’t be stuck in the loop!
Run NGINX without SSL configuration to start. Then, use Certbot to get your certificates and after that, update your NGINX configuration to include the SSL settings. Another approach is to use a reverse proxy like Caddy or Traefik, which handle SSL automatically, making this process much simpler.
So just to clarify, I'd set up a basic NGINX config without SSL, get my certificates using Certbot, then update my NGINX config to use the SSL certificates, right?
While NGINX is great for performance, tools like Caddy are specifically designed for simplicity with automatic SSL. It’s great if you expect high traffic, but if you want to stick with NGINX, Certbot works just fine without SSL settings.
Does Certbot work well when both NGINX and it are running in Docker?
Could you provide some example Docker commands for this process?
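The two-stage approach from the answers above, as an added example that is not from any poster in this thread: NGINX starts with a port-80-only config that serves the ACME challenge path, Certbot obtains the certificate through a shared volume, and only then is the TLS server block added and NGINX reloaded. The domain, e-mail, container and network names (`nginx`, `app`, `web`), volume names and the `nginx-conf` directory are assumptions; the Node.js container is assumed to already be running as `app` on the `web` network.

```shell
#!/bin/sh
# Added example: two-stage Let's Encrypt bootstrap. All names are assumptions.
DOMAIN="${DOMAIN:-example.com}"          # placeholder domain
EMAIL="${EMAIL:-admin@example.com}"      # placeholder contact address
UPSTREAM="${UPSTREAM:-app:3000}"         # Node.js container on the same network
CONF_DIR="${CONF_DIR:-$PWD/nginx-conf}"  # bind-mounted as /etc/nginx/conf.d

# Stage 1: HTTP only, so NGINX can start before any certificate exists.
render_http_conf() {
cat <<EOF
server {
    listen 80;
    server_name $1;
    location /.well-known/acme-challenge/ { root /var/www/certbot; }
    location / { return 301 https://\$host\$request_uri; }
}
EOF
}

# Stage 2: TLS server block, valid only once the certificate files exist.
render_tls_conf() {
cat <<EOF
server {
    listen 443 ssl;
    server_name $1;
    ssl_certificate     /etc/letsencrypt/live/$1/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/$1/privkey.pem;
    location / { proxy_pass http://$2; proxy_set_header Host \$host; }
}
EOF
}

# Start NGINX, get the certificate, then add TLS. Stops if Certbot fails.
bootstrap() {
    mkdir -p "$CONF_DIR"
    render_http_conf "$DOMAIN" > "$CONF_DIR/default.conf"
    docker network create web 2>/dev/null || true
    docker run -d --name nginx --network web -p 80:80 -p 443:443 \
        -v "$CONF_DIR:/etc/nginx/conf.d:ro" \
        -v certbot-www:/var/www/certbot:ro -v letsencrypt:/etc/letsencrypt:ro nginx
    docker run --rm -v certbot-www:/var/www/certbot -v letsencrypt:/etc/letsencrypt \
        certbot/certbot certonly --webroot -w /var/www/certbot \
        -d "$DOMAIN" --email "$EMAIL" --agree-tos --non-interactive || return 1
    render_tls_conf "$DOMAIN" "$UPSTREAM" >> "$CONF_DIR/default.conf"
    docker exec nginx nginx -t && docker exec nginx nginx -s reload
}

if [ "${1:-}" = "run" ]; then bootstrap; fi
```

The script only acts when called with the `run` argument, and port 80 for the domain must reach this host for the HTTP challenge to succeed.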