Add an SSL Certificate
First, ensure you have the file nginx-ssl.conf
in your project folder. If it’s missing, download it from the Netpicker GitHub repository.
To add a self-signed SSL certificate to Netpicker and enable HTTPS, place the following files in the certs
folder:
private.key
certificate.crt
Note: Use these exact filenames!
Next, ensure your docker-compose.yml
configuration includes the following volume mappings (this is commented out by default):
frontend:
ports:
- 443:443
volumes:
- ./nginx-ssl.conf:/etc/nginx/conf.d/nginx-ssl.conf
- ./certs:/etc/nginx/certs/
Create a Self-signed SSL Certificate
If you don’t yet have a certificate, follow these steps to generate one:
- Generate a private key:
openssl genrsa -out private.key 2048
- Generate a Certificate Signing Request (CSR):
openssl req -new -key private.key -out certificate.csr
- Generate a self-signed certificate:
openssl x509 -req -in certificate.csr -signkey private.key -out certificate.crt
Set correct user
The certificate files created by the user will have incompatible permissions when mounted into the Docker container, as the container runs under a different internal user (UID 911).
Always perform the following step to avoid permissions issues. Execute this command to update the owner of the certificate files and nginx config:
sudo chown -R 911:911 ./certs
sudo chown -R 911:911 nginx-ssl.conf
This ensures the internal container user can read and utilize the certificates without permissions errors.