How to use Let's Encrypt with Docker container based on the Node.js image

Question

I am running an Express-based website in a Docker container based on the Node.js image. How do I use Let\'s Encrypt with a container based on that image?

Answer 1

I've recently implemented https with let's encrypt using nginx. I'm listing the challenges I've faced, and the way I've implemented step-by-step here.

Challenge:

1. Docker file system is ephemeral. That means after each time you make a build the certificates that are stored or if generated inside the container, will vanish. So it's very tricky to generate certificates inside the container.

Steps to overcome it:

Below guide is independent of kind of the app you have, as it only involves nginx and docker.

• First install nginx on you server (not on container, but directly on the server.) You can follow this guide to generate certificate for your domain using certbot.

• Now stop this nginx server and start the build of your app. Install nginx on your container and open port 80, 443 on your docker container. (if using aws open on ec2 instance also as by default aws open only port 80)

• Next run your container and mount the volumes that contain certificate file directly on the container. I've answered a question here on how to do the same.

• This will enable https on your app. Incase you are not able to observe, and are using chrome try clearing dns cache for chrome

Auto renewal process :

• Let's encrypt certificates are valid only for 3 months. In the above guide steps to configure auto renewal is also setup. But you've to stop and restart your container every 3 months atleast to make sure the certificates mounted on your docker container are up to date. (You will have to restart the nginx server we set up in the first step to make the renewal happen smoothly)