I have a service using finatra server running on docker container. Currently I am using letsencrypt, and I created my .pfx file etc. But I don't know how to use it with docker-compose. I have a keystore folder inside my project which has my ssl files.
Here is my docker-compose.yml:

```yaml
version: '2'
services:
  test:
    build: target/docker/stage
    ports:
      - "9999:9999"
      - "9990:9990"
    links:
      - mongo:mongo
    depends_on:
      - mongo
  mongo:
    image: mongo
    ports:
      - "27017:27017"
    volumes:
      - ./mydb:/data/db
```

I recommend using nginx and its SSL Termination capability: https://docs.nginx.com/nginx/admin-guide/security-controls/terminating-ssl-http/
The nginx service should be the entry point to your application, where you terminate SSL using your provided cert/key then pass unencrypted traffic between your container apps over the overlay network.
It's a best practice to terminate SSL like this, and if you do want to encrypt network traffic within your cluster, then do so with separate certs from your ingress controller.
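
The setup the answer describes, as an added example that is not part of the original post: a script that writes an nginx TLS-termination config and a compose file with nginx as the only published entry point. It assumes the keystore folder also holds the PEM files Let's Encrypt issues (fullchain.pem and privkey.pem), that the app serves plain HTTP on 9999, and uses example.com and the file name docker-compose.tls.yml as placeholders.

```shell
#!/bin/sh
# Added example: writes an nginx TLS-termination config plus a compose file
# that puts nginx in front of the "test" service from the question.
# Assumptions: ./keystore holds fullchain.pem and privkey.pem, the app serves
# plain HTTP on 9999, and example.com stands in for the real hostname.
write_tls_proxy() {
  dir="$1"
  mkdir -p "$dir/nginx" || return 1
  cat > "$dir/nginx/default.conf" <<'EOF'
server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate     /etc/nginx/certs/fullchain.pem;
    ssl_certificate_key /etc/nginx/certs/privkey.pem;
    ssl_protocols TLSv1.2 TLSv1.3;
    location / {
        # "test" resolves on the compose network; traffic is plain HTTP from here.
        proxy_pass http://test:9999;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto https;
    }
}
EOF
  cat > "$dir/docker-compose.tls.yml" <<'EOF'
version: '2'
services:
  nginx:
    image: nginx
    ports:
      - "443:443"            # the only port published to the host
    volumes:
      - ./nginx/default.conf:/etc/nginx/conf.d/default.conf:ro
      - ./keystore:/etc/nginx/certs:ro
    depends_on:
      - test
  test:
    build: target/docker/stage
    expose:
      - "9999"               # reachable by nginx only, not from the host
    depends_on:
      - mongo
  mongo:
    image: mongo
    volumes:
      - ./mydb:/data/db
EOF
}
if [ "$#" -gt 0 ]; then write_tls_proxy "$1"; fi  # e.g. sh script.sh .
```

Run it from the project root, then start the stack with `docker-compose -f docker-compose.tls.yml up`. The private key is mounted read-only and never copied into an image.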