Configure SSL Certificate on QualiX 4.1 Docker Container
This section explains how to configure your certificate on QualiX 4.1 Docker. For QualiX 5.0, see Nginx proxy service options.
To configure the SSL certificate:
-
SSH to docker server.
-
Copy the tomcat config file from the container, and run:
docker cp guacamole:/usr/local/tomcat/conf/server.xml ./
-
Edit the
./server.xml
file.-
Remove this line:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" keystoreFile="/usr/share/tomcat/.keystore" keystorePass="123123" clientAuth="false" sslProtocol="TLS" />
-
Add this line:
<Connector
protocol="org.apache.coyote.http11.Http11AprProtocol"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/usr/local/tomcat/conf/qualix.crt"
SSLCertificateKeyFile="/usr/local/tomcat/conf/qualix.key"
SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>For details, see https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html.
-
-
Copy the
server.xml
file to the container, and run:docker cp ./server.xml guacamole:/usr/local/tomcat/conf/
-
Copy the certificate key and
.crt
files to the container, run the following commands:docker cp ./qualix.key guacamole:/usr/local/tomcat/conf/
docker cp ./qualix.crt guacamole:/usr/local/tomcat/conf/Where qualix.key and qualix.crt are the certificate files to be copied to the docker host.
warningFor Qualix-4.0.0, change the configuration directory to /home/guacamole/tomcat/conf.
-
Restart the container:
docker restart guacamole