SSL Certificates for containers

[borpin]

Is it possible to create an SSL certificate in the Node and use it for a container?

I'm thinking it is not possible but it would be really useful if it could!

 

[tim]

No, this is only for your nodes.

 

[LnxBil]

it would be really useful if it could!

Why? Every decent Linux has its own form of snakeoil certificate that is generated on daemon install, so you're already covered.

If you need multiple certificates, it is always easier to set up your own CA and create certificates from there.

 

[borpin]

Why?

Yes I can create the certificates for each container, but that means multiple configurations of certbot. If I could use the same configuration to generate the different certificates then point the containers to the certificates, that would be far simpler.

As I said, I didn't expect it would but I live in hope...

 

[LnxBil]

Yes I can create the certificates for each container, but that means multiple configurations of certbot.

Central SSL management is only possible if you have an ingress router like traefik that can handle everything, otherwise you will not be able to get the challenge right due to IP mismatches etc.