Friday, May 7, 2021

SSL Certificate issue in Docker Linux Container

I have a simple website built with .NET Core and hosted in a Linux Docker container. I got the error "the SSL connection could not be established" when trying to upload files to DigitalOcean Spaces. I configured my localhost certificate in nginx, but it does not work.

Docker compose file:

    version: '3.4'

    services:

      nginx:
        image: nginx:alpine
        hostname: 'nginx'
        volumes:
          - ./nginx/nginx.conf:/etc/nginx/nginx.conf:ro
          - ./nginx/proxy.conf:/etc/nginx/proxy.conf:ro
          - ./nginx/client.cert:/etc/ssl/certs/client.cert:ro
          - ./nginx/client.key:/etc/ssl/certs/client.key:ro
          - ./nginx/logs/:/var/log/nginx/
        ports:
          - 8080:8080
          - 443:443
        depends_on:
          - web
        restart: always

      web:
        image: ${DOCKER_REGISTRY-}web-client
        ports:
          - "5000"
        build:
          context: .
          dockerfile: src/web/Dockerfile

nginx config

    user nginx;

    worker_processes    auto;

    events { worker_connections 1024; }

    http {

        include             /etc/nginx/proxy.conf;
        include             /etc/nginx/mime.types;
        limit_req_zone      $binary_remote_addr zone=one:10m rate=5r/s;
        # server_tokens       off;
        sendfile            on;
        keepalive_timeout   29; # Adjust to the lowest possible value that makes sense for your use case.
        client_body_timeout 10; client_header_timeout 10; send_timeout 10;

        upstream web_clients {
            server          web:5000;
        }

        server {
            listen     *:8080 default_server;
            add_header Strict-Transport-Security max-age=15768000;
            return     301 https://$host$request_uri;
        }

        server {
            listen                      443 ssl;
            server_name                 $hostname;
            ssl_certificate             /etc/ssl/certs/client.cert;
            ssl_certificate_key         /etc/ssl/certs/client.key;
            ssl_protocols               TLSv1.1 TLSv1.2;
            ssl_prefer_server_ciphers   on;
            ssl_ciphers                 "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
            ssl_ecdh_curve              secp384r1;
            ssl_session_cache           shared:SSL:10m;
            ssl_session_tickets         off;
            ssl_stapling                on; #ensure your cert is capable
            ssl_stapling_verify         on; #ensure your cert is capable

            add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" always;
            add_header X-Frame-Options DENY;
            add_header X-Content-Type-Options nosniff;
            add_header X-Frame-Options "SAMEORIGIN";

            location / {
                proxy_pass http://web_clients;
                limit_req  zone=one burst=10 nodelay;
            }
        }
    }

My upload function

    public static async Task UploadFile(IFormFile file)
    {
        string bucketName = "mybucket";
        string endpoingURL = "https://mybucket.sgp1.digitaloceanspaces.com/";
        IAmazonS3 s3Client;

        using (var newMemoryStream = new MemoryStream())
        {
            file.CopyTo(newMemoryStream);
            var s3ClientConfig = new AmazonS3Config
            {
                ServiceURL = endpoingURL
            };
            s3Client = new AmazonS3Client(s3ClientConfig);
            try
            {
                var fileTransferUtility = new TransferUtility(s3Client);
                var fileTransferUtilityRequest = new TransferUtilityUploadRequest
                {
                    BucketName = bucketName + @"/files",
                    InputStream = newMemoryStream,
                    StorageClass = S3StorageClass.StandardInfrequentAccess,
                    PartSize = 6291456, // 6 MB
                    Key = file.FileName,
                    CannedACL = S3CannedACL.PublicRead,
                };
                fileTransferUtility.Upload(fileTransferUtilityRequest);
            }
            catch (AmazonS3Exception e)
            {
                Console.WriteLine("Error encountered ***. Message:'{0}' when writing an object", e.Message);
            }
            catch (Exception e)
            {
                Console.WriteLine("Unknown encountered on server. Message:'{0}' when writing an object", e.Message);
            }
        }
    }

Any ideas are welcome, many thanks.

https://stackoverflow.com/questions/67443981/ssl-certificate-issue-in-docker-linux-container May 08, 2021 at 12:05PM
