Hi @mrjones, Thank you for your detailed instructions and support. I followed the steps you provided, and I was able to resolve the TLS issue successfully. Below are the exact steps I took:
1. Verified Certificate with OpenSSL
I first checked the certificate inside the nginx container:
docker exec test_cht-nginx-1 bash -c "openssl x509 -noout -text -in /etc/nginx/private/cert.pem | head -n 15"
The output confirmed the current certificate details:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1a:9c:65:a2:56:ce:5b:b0:0b:2b:dc:17:1b:ba:74:6b:db:54:30:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: emailAddress = domains@medic.org, C = US, ST = California, L = San_Francisco, O = medic, OU = Information_Security, CN = test-nginx.dev.medicmobile.org
2. Tested Curl Call for Fullchain
I then ran the curl command inside the container to check the fullchain:
docker exec -it test_cht-nginx-1 bash -c "curl -v https://local-ip.medicmobile.org/fullchain"
However, this failed with the error:
curl: (6) Could not resolve host: local-ip.medicmobile.org
3. Downloaded Key and Fullchain on Workstation
I created a directory on my workstation and downloaded the required certificates:
mkdir keyfullchain-workstation
cd keyfullchain-workstation
curl -o fullchain https://local-ip.medicmobile.org/fullchain
curl -o key https://local-ip.medicmobile.org/key
4. Copied Certificates to Nginx Container
I then copied the downloaded certificates into the nginx container:
docker cp key test_cht-nginx-1:/etc/nginx/private/key.pem
docker cp fullchain test_cht-nginx-1:/etc/nginx/private/cert.pem
5. Reloaded nginx
Finally, I reloaded the nginx server to apply the changes:
docker exec -it test_cht-nginx-1 bash -c "nginx -s reload"
After following these steps, the TLS issue was resolved.
Thank you once again @mrjones for your great support!