Some applications have connections that need certificates to work. I usually get my certificates from the reverse proxy and Let’s Encrypt.

But if I want to run a service that supports connections with TLS and want to map the certificates to that container, I need to run that container as root, but what to do if I don’t want to run it as root?

Is copying them a “real” solution?

  • zarlo5899@alien.topB

    I would use self-signed certificates for the containers that MUST have one and then just terminate it at the reverse proxy.

  • 2lach@alien.topB

    There are some specific tags for working TLS, and you can also solve it by using docker context, which could be good if you’re working with multiple hosts and connection types. This guide is kinda long, but it will walk you through the entire process.