Nginx Question posted in
The official documentation can be found here.

Nginx Container: no "ssl_certificate_key" is defined for certificate

I am trying to run a private docker registry using this tutorial. But after I did everything and run the docker-compose, I get the following error from the nginx container

no "ssl_certificate_key" is defined for certificate
"/home/user/registry/nginx/ssl/key.pem"

Here is the registry.conf file:

upstream docker-registry {
    server registry:5000;
}

server {
    listen 80;
    server_name example.com;
    return 301 https://example.com$request_uri;
}

server {
    listen 443 ssl http2;
    server_name privatesecurereg.netspan.com;

    ssl_certificate /home/user/registry/nginx/ssl/csr.pem;
    ssl_certificate /home/user/registry/nginx/ssl/key.pem;

    # Log files for Debug
    error_log  /var/log/nginx/error.log;
    access_log /var/log/nginx/access.log;

    location / {
        # Do not allow connections from docker 1.5 and earlier
        # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
        if ($http_user_agent ~ "^(docker/1.(3|4|5(?!.[0-9]-dev))|Go ).*$" )  {
            return 404;
        }

        proxy_pass                          http://docker-registry;
        proxy_set_header  Host              $http_host;
        proxy_set_header  X-Real-IP         $remote_addr;
        proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header  X-Forwarded-Proto $scheme;
        proxy_read_timeout                  900;
    }

}

What is the rpobelom and how to fix it ?

UPDATE:

Here is my docker-compose:

nginx:
    image: nginx:alpine
    container_name: nginx
    restart: unless-stopped
    tty: true
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./nginx/conf.d/:/etc/nginx/conf.d/
      - ./nginx/ssl/:/etc/nginx/ssl/
    networks:
      - mynet
Tags:

2

Answers


  1. 0

    I think you had missed something in docker-compose file. This is working sample we use.

    nginx:
  image: "nginx:alpine"
  ports:
    - 5000:443
  links:
    - registry:registry
  volumes:
    - ./auth:/etc/nginx/conf.d
    - ./auth/nginx.conf:/etc/nginx/nginx.conf:ro

registry:
  image: registry:2.7.0
  volumes:
    - ./data:/var/lib/registry

    Keep an eye on this part

    volumes:
    - ./auth:/etc/nginx/conf.d
    - ./auth/nginx.conf:/etc/nginx/nginx.conf:ro

    Here auth folder has certificate and key file. Also httpd file for docker registry login.

    In nginx.conf we directly refered inside the nginx container.

    # SSL
ssl_certificate /etc/nginx/conf.d/csr.pem;
ssl_certificate_key /etc/nginx/conf.d/csr.key;
    Login or Signup to reply.
  2. 0

    You mount your certificate dir /home/user/registry/nginx/ssl/ to /etc/nginx/ssl in docker

    Therefore in nginx config you need to use ssl files under /etc/nginx/ssl change fullchain.pem or privkey.pem if needed, btw this is from the tutorial try to follow it

    ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search