How to configure Nginx proxy in Docker for SSL encryption protection?

How to configure Nginx proxy in Docker to achieve SSL encryption protection?

With the development of the Internet, data security issues have become increasingly prominent. In order to ensure data security, SSL (Secure Sockets Layer) has become an essential encryption protocol. When using Nginx for proxy, configuring an SSL certificate is a basic security operation. This article will introduce how to configure Nginx proxy in Docker to achieve SSL encryption protection.

1. Install Docker and Nginx

First, we need to install Docker and Nginx on the server. You can install it accordingly according to your own operating system and distribution version.

2. Generate SSL certificate

In order to configure Nginx's SSL encryption, we need to generate an SSL certificate. A self-signed certificate can be generated with the following command:

$ openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout server.key -out server.crt

This will generate a self-signed SSL certificate.

3. Create a Docker image

Next, we need to create a Docker image for Nginx. You can create a new Dockerfile file with the following content:

FROM nginx:latest
COPY nginx.conf /etc/nginx/nginx.conf
COPY server.crt /etc/nginx/server.crt
COPY server.key /etc/nginx/server.key
EXPOSE 80
EXPOSE 443

In this Dockerfile, we copy the Nginx configuration file nginx.conf and the SSL certificates server.crt and server.key to the corresponding directory in the image. And specify the ports that the container needs to listen to: 80 and 443.

4. Configure Nginx proxy

Next, we need to configure Nginx proxy settings. In the nginx.conf file, you can configure it according to the following example:

worker_processes auto;
events {}

http {
  server {
    listen 80;
    server_name example.com;
    location / {
      proxy_pass http://backend;
    }
  }

  server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate /etc/nginx/server.crt;
    ssl_certificate_key /etc/nginx/server.key;

    location / {
      proxy_pass http://backend;
    }
  }
}

upstream backend {
  server backend_host:backend_port;
}

In the above configuration, first we define an upstream named backend to specify the address and port of the backend server. Then, we configured two server blocks, one listening on port 80 and the other listening on port 443. In the server block of port 443, we used the specified SSL certificate and private key, and set the proxy forwarding address.

5. Build and run the Docker container

Finally, we need to build and run the Docker container.

First, use the following command to build the Docker image:

$ docker build -t nginx-ssl .

Then, use the following command to run the Docker container:

$ docker run -d -p 80:80 -p 443:443 --name nginx-ssl nginx-ssl

This will map the 80 port and 443 port in the container to the corresponding port of the host, and the name of the container is nginx-ssl.

6. Test Verification

Now, we can access the Nginx proxy by entering the server’s IP address or domain name.

Enter http://example.com in the browser, you can see that the Nginx proxy has been successfully configured.

At the same time, we can also try to access through https://example.com. If the browser displays a secure connection, it means that SSL encryption has taken effect.

Summary

Configuring Nginx proxy in Docker for SSL encryption protection is not difficult. By generating SSL certificates, creating Docker images, configuring Nginx agents, and running Docker containers, you can easily add SSL encryption to Nginx to improve data security.

The above is the detailed content of How to configure Nginx proxy in Docker for SSL encryption protection?. For more information, please follow other related articles on the PHP Chinese website!