And successfully added SSL to my one-click Discourse droplet install digital ocean.
By Sam Saffron co-founder
So you’d like to enable SSL for your Docker-based Discourse setup? Let’s do it!
This guide assumes you used all the standard install defaults – a container configuration file at/var/discourse/containers/app.>yml and Discourse docker is installed at: /var/discourse
Buy a SSL Certificate
Go to namecheap468 or some other SSL cert provider and purchase a SSL cert for your domain. Follow all the step documented by >them to generate private key and CSR and finally get your cert. I used the apache defaults, they will work fine.
Keep your private key and cert somewhere safe.
Place the Certificate and Key
Get a signed cert and key and place them in the /var/discourse/shared/standalone/ssl/ folder
Private key is:
File names are critical do not stray from them or your nginx template will not know where to find the cert.
Have a look at your app.yml configuration file to see where the shared folder is mounted.
In essence the files must be located at /shared/ssl/ssl.key /shared/ssl/ssl.crt inside the container.
For all clients to find a path from your cert to a trusted root cert (i.e., not give your users any warnings), you may need to >concatenate the cert files from your provider like so:
cat “Your PositiveSSL Certificate” “Intermediate CA Certificate” “Intermediate CA Certificate” >> ssl.crt
Add a reference to the nginx ssl template from your app.yml configuration file:
Configure your Docker Container
Tell your container to listen on SSL
Bootstrap your Docker Container
Rebuild your app
./launcher rebuild app
Profit, you are done!
Be sure to read through the logs using
./launcher logs app
If anything goes wrong.