Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Below are steps to configure nginx-proxy on your docker host.  The tutorial assumes the following:

sub-domain for virtual


Now that we have a reverse proxy, we can secure the port using HTTPS.  In this example, we are creating a wildcard certificate to match the wildcard DNS entry.  In this example, the "Common Name" is "*".

A wildcard certificate only covers one level of subdomains.  For example, you cannot use * as a wildcard certificate for because, in this case there are two subdomain levels. The wildcard certificate needs to be *

  1. Create a certificate and CSR in the proxy's ./certs directory (this volume was mounted in the proxy's docker-compose.yml file above). 

    Code Block
    data/proxy# mkdir -p certs
    data/proxy# cd certs
    data/proxy/certs# # Create a private key:
    data/proxy/certs# openssl genrsa -out 2048
    data/proxy/certs# # Create a CSR from the new key:
    data/proxy/certs# openssl req -new -sha256 -key -out
    Country Name (2 letter code) [AU]:US
    State or Province Name (full name) [Some-State]:Ohio
    Locality Name (eg, city) []:Archbold
    Organization Name (eg, company) [Internet Widgits Pty Ltd]:Your Organization name
    Organizational Unit Name (eg, section) []:Your OU
    Common Name (e.g. server FQDN or YOUR name) []:*
    Email Address []
    Please enter the following 'extra' attributes
    to be sent with your certificate request
    A challenge password []:
    An optional company name []:

  2. Send the CSR to your favorite signing authority, or self sign it:

    Code Block
     data/proxy/certs# openssl x509 -req -sha256 -days 3650 -in -signkey -out

  3. Configure nginx to listen on port 443.  Add port mapping to the proxy's docker-compose.yml file: 

    Code Block
       image: jwilder/nginx-proxy
       restart: always
         - /var/run/docker.sock:/tmp/docker.sock:ro
         - ./certs:/etc/nginx/certs:ro
         - ./vhost.d:/etc/nginx/vhost.d
         - ./html:/usr/share/nginx/html
         - "80:80"
         - "443:443"

  4. Recreate the proxy container with: 

    Code Block
    docker-compose up -d 


Page properties

Related issues