Skip to content

Instantly share code, notes, and snippets.

@ykarikos

ykarikos/docker-ssl-proxy.md

Last active February 21, 2025 19:30
Show Gist options
  • Save ykarikos/06879cbb0d80828fe96445b504fa5b60 to your computer and use it in GitHub Desktop.
Save ykarikos/06879cbb0d80828fe96445b504fa5b60 to your computer and use it in GitHub Desktop.
Download ZIP
Self-signed SSL reverse proxy with Docker
Raw
docker-ssl-proxy.md

Self-signed SSL reverse proxy with Docker

This is based on the marvellous blog posting by Oliver Zampieri.

This howto is written to create a self signed SSL NginX proxy on MacOS to

  1. Expose proxy at local host port 5001
  2. Connect the port 5001 to port 443 inside Docker
  3. Proxy the port 443 to port 5000 on the host computer

This means that:

  • Your application should be listening on http://0.0.0.0:5000
  • Your application will be accessible at https://myhost.local:5001

Create the self signed certificate

We will use myhost.local as the hostname. You can change this.

$ mkdir docker-ssl-proxy
$ cd docker-ssl-proxy
$ openssl req -subj '/CN=myhost.local' -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365

Edit /etc/hosts

Add this line in your /etc/hosts file

127.0.0.1 myhost.local

Create the NginX configuration file

Create proxy_ssl.conf file. This will work out of the box on MacOS and connect to your local application on port 5000.

server {
  listen 443 ssl;
  ssl_certificate /etc/nginx/conf.d/cert.pem;
  ssl_certificate_key /etc/nginx/conf.d/key.pem;
  location / {
     proxy_pass http://docker.for.mac.localhost:5000;
  }
}

Run the docker container

$ docker run --name nginx-proxy -d -v ${PWD}:/etc/nginx/conf.d -p 5001:443 nginx

Stop and restart the Docker container

docker stop nginx-proxy
docker start nginx-proxy

Remove the Docker container

docker kill nginx-proxy
docker rm nginx_proxy
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment