Question
Question
Docker Nginx with Certbot certificate: file not found
Hi guys,
I am struggling getting nginx to run with a Certbot created certificate in docker. I issued it and it worked just fine. Then mounted the letsencrypt folder for nginx to access those links towards the archive but the log outputs that the file is not found… What am I missing here? Is that a permission issue or are the links problematic? Looking forward to any help!
docker-compose setup:
version: '3.1'
services:
nginx-container:
container_name: 'nginx'
image: nginx:latest
ports:
- "80:80"
- "443:443"
volumes:
- /files/conf.d/default.conf:/etc/nginx/conf.d/default.conf
- /files/html:/usr/share/nginx/html
- /files/dh-param/dhparam.pem:/etc/ssl/certs/dhparam.pem
- /files/letsencrypt/live:/etc/letsencrypt/live:ro
networks:
- nginx-proxy
networks:
nginx-proxy:
driver: bridge
Nginx default.conf:
server {
listen 80;
listen [::]:80;
server_name site.com
location / {
rewrite ^ https://$host$request_uri? permanent;
}
#for certbot challenges (renewal process)
location ~ /.well-known/acme-challenge {
allow all;
root /data/letsencrypt;
}
}
#https://site.com
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name tomkerkhoff.de;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site.com/privkey.pem;
ssl_buffer_size 8k;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;
return 301 https://therealsite.com$request_uri;
}
Nginx log:
2018/11/18 13:17:31 [warn] 1#1: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/default.conf:56
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/default.conf:56
2018/11/18 13:17:31 [emerg] 1#1: BIO_new_file("/etc/letsencrypt/live/site.com/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/site.com/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/site.com/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/site.com/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
root@Kerksbox:/opt/ng
Add a comment
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×