
SSLCertificateKeyFile: file 'ssl-cert-snakeoil.key' does not exist or is empty (Docker image with PHP and a self-signed certificate)

Stack Overflow user
Asked 2022-07-31 16:48:53
Answers: 1 | Views: 443 | Following: 0 | Votes: 3

I am trying to extend the Docker image php:8.1.2-apache to install a self-signed SSL certificate.

Here is the complete Dockerfile:

FROM php:8.1.2-apache

EXPOSE 80
EXPOSE 443

ENV APACHE_CONFDIR /etc/apache2

RUN apt-get update

# 1. development packages
RUN apt-get install -y \
    git \
    zip \
    curl \
    sudo \
    unzip \
    libicu-dev \
    libbz2-dev \
    libpng-dev \
    libjpeg-dev \
    libwebp-dev \
    libmcrypt-dev \
    libreadline-dev \
    libzip-dev \
    libfreetype6-dev \
    g++


# apache configs + document root
ENV APACHE_DOCUMENT_ROOT=/var/www/html/public
RUN sed -ri -e 's!/var/www/html!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf
RUN sed -ri -e 's!/var/www/!${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf


# 4. start with base php config, then add extensions
RUN mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini"


RUN docker-php-ext-configure gd --with-freetype --with-webp --with-jpeg && \
    docker-php-ext-install \
    bz2 \
    intl \
    iconv \
    bcmath \
    opcache \
    calendar \
    pdo_mysql \
    zip \
    gd \
    exif


# 5. install pecl packages
RUN pecl install -o -f redis \
    && rm -rf /tmp/pear \
    && docker-php-ext-enable redis


# 6. composer
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer


# 8. we need a user with the same UID/GID with host user
# so when we execute CLI commands, all the host file's ownership remains intact
# otherwise command from inside container will create root-owned files and directories
RUN useradd -G www-data,root -u 1000 -d /home/devuser devuser
RUN mkdir -p /home/devuser/.composer && \
    chown -R devuser:devuser /home/devuser


# PHP files should be handled by PHP, and should be preferred over any other file type
RUN { \
    echo '<FilesMatch \.php$>'; \
    echo '\tSetHandler application/x-httpd-php'; \
    echo '</FilesMatch>'; \
    echo; \
    echo 'DirectoryIndex disabled'; \
    echo 'DirectoryIndex index.php index.html'; \
    echo; \
    echo '<Directory ${APACHE_DOCUMENT_ROOT}>'; \
    echo '\tOptions -Indexes'; \
    echo '\tAllowOverride All'; \
    echo '</Directory>'; \
    echo; \
    echo 'SetEnvIf x-forwarded-proto https HTTPS=on'; \
    } | tee "$APACHE_CONFDIR/conf-available/docker-php.conf" \
    && a2enconf docker-php


# Install Nodejs
RUN curl -fsSL https://deb.nodesource.com/setup_17.x | sudo -E bash - && apt-get install -y nodejs

# SSL
USER root
RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=AT/ST=Vienna/L=Vienna/O=Security/OU=Development/CN=example.com"
RUN a2ensite default-ssl
RUN a2enmod ssl
# mod_rewrite for URL rewrite and mod_headers for .htaccess extra headers like Access-Control-Allow-Origin-
RUN a2enmod rewrite headers


USER devuser

# Finally start script
CMD ["/bin/sh", "-c" , "apache2-foreground"]

I added these lines to the Dockerfile:

RUN openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem -subj "/C=AT/ST=Vienna/L=Vienna/O=Security/OU=Development/CN=example.com"
RUN a2ensite default-ssl
RUN a2enmod ssl

But the container stops with this error:

AH00526: Syntax error on line 33 of /etc/apache2/sites-enabled/default-ssl.conf:
SSLCertificateKeyFile: file '/etc/ssl/private/ssl-cert-snakeoil.key' does not exist or is empty

I'm confused as to why I'm getting this error :( I don't know what I'm missing.

1 Answer

Stack Overflow user

Posted 2022-10-18 18:59:52

Did you install openssl in the apt-get section?

I replaced my previous SSL implementation (from a php7.4 Docker image), which was copying a non-existent ssl-cert-snakeoil.key, and did this instead:

# SSL
RUN a2enmod ssl \
    && a2ensite default-ssl \
    && openssl req -subj '/CN=example.com/O=My Company Name LTD./C=US' -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout /etc/ssl/private/ssl-cert-snakeoil.key -out /etc/ssl/certs/ssl-cert-snakeoil.pem

EXPOSE 443

I took inspiration from this source: https://gitlab.univ-lorraine.fr/canals5/docker-php/-/blob/master/php/8.1/Dockerfile

Votes: 0
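
A diagnostic for the error in the question, as an added example that is not part of the original question or answer: it checks whether the key file is visible to the current user, non-empty and readable, and whether it matches the certificate. The function names and the `report` argument are assumptions of this example; the default paths are the ones from the question.

```shell
#!/bin/sh
# Added example, not from the original post. Default paths are the ones used
# in the question; run it inside the container as the user that starts Apache.

KEY=${KEY:-/etc/ssl/private/ssl-cert-snakeoil.key}
CERT=${CERT:-/etc/ssl/certs/ssl-cert-snakeoil.pem}

# key_file_status PATH: prints ok | missing | empty | unreadable.
# "missing" also covers the case where the current user cannot search the
# parent directory, because then the file cannot be seen at all.
key_file_status() {
    if [ ! -e "$1" ]; then
        echo missing
    elif [ ! -s "$1" ]; then
        echo empty
    elif [ ! -r "$1" ]; then
        echo unreadable
    else
        echo ok
    fi
}

# key_matches_cert KEY CERT: succeeds when both hold the same public key.
# Returns 2 when openssl is absent or cannot parse one of the files.
key_matches_cert() {
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# report: human-readable summary for the configured KEY and CERT.
report() {
    echo "running as: $(id -un) (uid $(id -u))"
    ls -ld "$(dirname "$KEY")" "$KEY" 2>&1
    status=$(key_file_status "$KEY")
    echo "key file status: $status"
    [ "$status" = ok ] || return 1
    if key_matches_cert "$KEY" "$CERT"; then
        echo "key and certificate match"
    else
        echo "key and certificate do not match, or openssl could not parse them"
        return 1
    fi
}

# Run the report only when called with the argument "report", so the
# functions can also be sourced on their own.
if [ "${1:-}" = report ]; then report; fi
```

Run it as the same user that launches `apache2-foreground` (the Dockerfile in the question ends with `USER devuser`), since a file under /etc/ssl/private that root can read may be invisible to another account.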
Original page content provided by Stack Overflow. Translation support provided by Tencent Cloud's Xiaowei IT-domain engine.
Original link:

https://stackoverflow.com/questions/73185184
