Automate self-signed SSL creation within the NGINX Dockerfile
This commit is contained in:
Родитель
d747b269ab
Коммит
26d4c92df9
18
README.md
18
README.md
|
@ -13,7 +13,6 @@ Salesforce uses User Interface API to build the Salesforce1 and Lightning Experi
|
||||||
1. For Origin URL Pattern, enter `https://localhost:8443`. If you're deploying to heroku, enter `https://*.herokuapp.com` or `https://some-domain.herokuapp.com`.
|
1. For Origin URL Pattern, enter `https://localhost:8443`. If you're deploying to heroku, enter `https://*.herokuapp.com` or `https://some-domain.herokuapp.com`.
|
||||||
1. Clone the RecordViewer repository.
|
1. Clone the RecordViewer repository.
|
||||||
1. Set up [Docker](https://www.docker.com/).
|
1. Set up [Docker](https://www.docker.com/).
|
||||||
1. Create the SSL cert and key in the `nginx` folder. See [Set Up SSL](#set-up-ssl).
|
|
||||||
1. To build and start the servers, run this Docker Compose command.
|
1. To build and start the servers, run this Docker Compose command.
|
||||||
```sh
|
```sh
|
||||||
docker-compose build && docker-compose up -d
|
docker-compose build && docker-compose up -d
|
||||||
|
@ -32,23 +31,6 @@ for i in {49000..49900}; do
|
||||||
done
|
done
|
||||||
```
|
```
|
||||||
|
|
||||||
### Set Up SSL
|
|
||||||
|
|
||||||
OAuth authentication requires SSL. The server expects SSL key information in the `/nginx/ssl.crt` and `/nginx/ssl.key` files in the project directory.
|
|
||||||
|
|
||||||
To create a self-signed SSL key:
|
|
||||||
|
|
||||||
1. `cd recordviewer/nginx`
|
|
||||||
1. `openssl genrsa -des3 -passout pass:x -out server.pass.key 2048`
|
|
||||||
1. `openssl rsa -passin pass:x -in server.pass.key -out ssl.key`
|
|
||||||
1. `openssl req -new -key ssl.key -out server.csr`
|
|
||||||
|
|
||||||
When prompted for a 'challenge password', press return, leaving the password empty.
|
|
||||||
|
|
||||||
1. `openssl x509 -req -days 365 -in server.csr -signkey ssl.key -out ssl.crt`
|
|
||||||
|
|
||||||
For more information, see these [Creating a Self-Signed SSL Certificate](https://devcenter.heroku.com/articles/ssl-certificate-self).
|
|
||||||
|
|
||||||
## Deploy to Heroku
|
## Deploy to Heroku
|
||||||
|
|
||||||
Please note that deploying the RecordViewer app to Heroku is optional.
|
Please note that deploying the RecordViewer app to Heroku is optional.
|
||||||
|
|
|
@ -5,8 +5,15 @@ FROM nginx
|
||||||
RUN rm -v /etc/nginx/nginx.conf
|
RUN rm -v /etc/nginx/nginx.conf
|
||||||
ADD nginx.conf /etc/nginx/
|
ADD nginx.conf /etc/nginx/
|
||||||
|
|
||||||
ADD ssl.crt /etc/nginx/cert.crt
|
RUN apt-get update && \
|
||||||
ADD ssl.key /etc/nginx/cert.key
|
apt-get install -y openssl && \
|
||||||
|
cd /etc/nginx && \
|
||||||
|
openssl genrsa -des3 -passout pass:password1 -out cert.pass.key 2048 && \
|
||||||
|
openssl rsa -passin pass:password1 -in cert.pass.key -out cert.key && \
|
||||||
|
rm cert.pass.key && \
|
||||||
|
openssl req -new -key cert.key -out cert.csr \
|
||||||
|
-subj "/C=US/ST=California/L=San Francisco/O=Example/OU=Example/CN=example.com" && \
|
||||||
|
openssl x509 -req -days 365 -in cert.csr -signkey cert.key -out cert.crt
|
||||||
|
|
||||||
EXPOSE 443
|
EXPOSE 443
|
||||||
EXPOSE 80
|
EXPOSE 80
|
||||||
|
|
Загрузка…
Ссылка в новой задаче