Related

Tool DOCTL: DigitalOcean CLI Tool
Tutorial for let's encrypt wildcard? Question Question
Can I assign a firewall while creating a droplet via API? Question Question

Question

Let's Encrypt Wildcard With Docker

Posted June 3, 2020 152 views
APIDockerLet's Encrypt

Hello guys.
I was following this tutorial How To Secure a Containerized Node.js Application with Nginx, Let’s Encrypt, and Docker Compose, which is very complete and easy to go through. But, what if I want to create a wildcard certificate with Let’s Encrypt to deploy along with all my API? How difficult would it be to adapt the instructions from this article? By the way, this wildcard certificate would be valid to a web server as well, right?

Best regards

Add a comment
renatospaka
By:
renatospaka
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
2 answers
bobbyiliev June 4, 2020

Hi there @renatospaka,

I believe that in order to obtain a wildcard SSL certificate you would have to adjust the following line in your docker-compose file:

    command: certonly --webroot --webroot-path=/var/www/html --email sammy@example.com --agree-tos --no-eff-email --force-renewal -d example.com -d www.example.com

And set it to:

    command: certonly --webroot --webroot-path=/var/www/html --email sammy@example.com --agree-tos --no-eff-email --force-renewal -d example.com -d *.example.com

This would generate a wildcard SSL certificate which you could use for all of your subdomains.

Hope that this helps!
Regards,
Bobbt

Reply Report
renatospaka June 4, 2020

Hello @bobbyiliev

Thanks for your reply. Another question: can I create an isolated container only for certbot certificate information and associate it with a docker-compose when needed?

Reply Report
  • bobbyiliev June 4, 2020

    Hi there @renatospaka,

    I believe that this should be OK, you just need to be careful with step 6 in this case which is the certificate renewal cronjob as it actually uses the same docker-compose file.

    Hope that this helps!

    Regards,
    Bobby

    Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help