Generate ECDSA CA, intermediate CA and server certificate with DNS alt names using Terraform in Docker and launch Rancher
docker run --rm -v $PWD/testcerts:/tmp/certs/files -e TF_VAR_ip_addresses='["127.0.0.1"]' -e TF_VAR_dns_names='["yolo.seb.local"]' superseb/intermediate-ecdsa
Run Rancher container with mounted certificates
docker run -d --privileged -p 80:80 -p 443:443 --restart=unless-stopped -v $PWD/testcerts/server.fullchain.crt:/etc/rancher/ssl/cert.pem -v $PWD/testcerts/server.key:/etc/rancher/ssl/key.pem -v $PWD/testcerts/root_ca.crt:/etc/rancher/ssl/cacerts.pem rancher/rancher
Test certificates using the CA root
docker run --rm -v $PWD/testcerts:/certs --net host appropriate/curl -v --cacert /certs/root_ca.crt https://127.0.0.1
Run Rancher container with mounted certificates (server.crt instead of server.fullchain.crt)
docker run -d --privileged -p 80:80 -p 443:443 --restart=unless-stopped -v $PWD/testcerts/server.crt:/etc/rancher/ssl/cert.pem -v $PWD/testcerts/server.key:/etc/rancher/ssl/key.pem -v $PWD/testcerts/root_ca.crt:/etc/rancher/ssl/cacerts.pem rancher/rancher
Test certificates using the CA root
docker run --rm -v $PWD/testcerts:/certs --net host appropriate/curl -v --cacert /certs/root_ca.crt https://127.0.0.1