Docker https cannot open certificates #258

New Issue

Closed

opened 2026-01-19 18:29:38 +00:00 by michael · 2 comments

michael commented 2026-01-19 18:29:38 +00:00

Owner

Copy Link

Originally created by @MPolymath on GitHub.

Hello,

To launch docker and have it use https,
I am running the following command:

sudo docker run --publish 443:443 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/ --listener :8080 --tls-listener :443 --tls-cert-file /tmp/localhost.crt --force-https --tls-private-key /tmp/localhost.key

However when I access my local web server (https://localhost:443) I get the following logs:

2019/06/06 09:13:21 http: TLS handshake error from 172.17.0.1:36212: open /tmp/localhost.crt: no such file or directory

I copied the certificates in the docker container using the following command.

sudo docker cp /home/mina/transfersh/localhost.crt container_id:/tmp/
sudo docker cp /home/mina/transfersh/localhost.key container_id:/tmp/

I have also copied the certificates in the local machine in the /tmp/ directory.

This is how I created the certificates:

openssl req -x509 -out localhost.crt -keyout localhost.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=localhost' -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

Am I doing anything wrong or is the https function broken ?

Originally created by @MPolymath on GitHub. Hello, To launch docker and have it use https, I am running the following command: ``` sudo docker run --publish 443:443 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/ --listener :8080 --tls-listener :443 --tls-cert-file /tmp/localhost.crt --force-https --tls-private-key /tmp/localhost.key ``` However when I access my local web server (https://localhost:443) I get the following logs: ``` 2019/06/06 09:13:21 http: TLS handshake error from 172.17.0.1:36212: open /tmp/localhost.crt: no such file or directory ``` I copied the certificates in the docker container using the following command. ``` sudo docker cp /home/mina/transfersh/localhost.crt container_id:/tmp/ sudo docker cp /home/mina/transfersh/localhost.key container_id:/tmp/ ``` I have also copied the certificates in the local machine in the /tmp/ directory. This is how I created the certificates: ``` openssl req -x509 -out localhost.crt -keyout localhost.key \ -newkey rsa:2048 -nodes -sha256 \ -subj '/CN=localhost' -extensions EXT -config <( \ printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth") ``` Am I doing anything wrong or is the https function broken ?

michael closed this issue 2026-01-19 18:29:38 +00:00

michael commented 2026-01-19 18:29:38 +00:00

Author

Owner

Copy Link

@dopessoa commented on GitHub:

Hello @MPolymath,

I guess the easiest way would be to mount your certificates directory inside the container, like this:

sudo docker run -v /home/mina/transfersh:/tmp/certs --publish 443:443 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/ --tls-listener :443 --tls-cert-file /tmp/certs/localhost.crt --tls-private-key /tmp/certs/localhost.key

As you're not publishing the HTTP port, both --listener and --force-https parameters shouldn't make a difference, so I removed them from the command line.

@dopessoa commented on GitHub: Hello @MPolymath, I guess the easiest way would be to mount your certificates directory inside the container, like this: `sudo docker run -v /home/mina/transfersh:/tmp/certs --publish 443:443 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/ --tls-listener :443 --tls-cert-file /tmp/certs/localhost.crt --tls-private-key /tmp/certs/localhost.key` As you're not publishing the HTTP port, both --listener and --force-https parameters shouldn't make a difference, so I removed them from the command line.

michael commented 2026-01-19 18:29:38 +00:00

Author

Owner

Copy Link

@MPolymath commented on GitHub:

Thank you that is exactly what I was looking for the issue is solved.

@MPolymath commented on GitHub: Thank you that is exactly what I was looking for the issue is solved.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/golang.org/x/net-0.38.0

revert-646-main

dependabot/go_modules/golang.org/x/oauth2-0.27.0

check-ci-20241026

aspacca-patch-1

seed-rand

fix-basic-auth

fix-header-map-change-after-writeheader-call

issue-503

issue-487

gpg-encryption-support

lint-accept-range

bump-min-go-version-and-include-tip

accept-range

local-google-fonts

parallel-range-requests

issue-485

sb/storj-bump

fix-perform-clamav-prescan

revert-389-clamav-prescan

clamav-prescan

changes-in-front-end

ISSUE-440

revert-422-main

master

golint

ISSUE-398

multiple-fixes

ISSUE-382-take2

ISSUE-382

fix-workflows

fixes-20210521

ISSUE-371

ISSUE-38-WEB

ISSUE-313

ISSUE-296

fuzz

BINARY-RELEASES

ISSUE-256

v1.6.1

v1.6.0

v1.5.0

v1.4.0

v1.3.1

v1.3.0

v1.2.6

v1.2.4

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.1.7

v1.1.6

v1.1.5

v1.1.4

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.0

Labels

Clear labels

bug

docker

enhancement

hacktoberfest

help wanted

invalid

question

storage provider

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

michael

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: dutchcoders/transfer.sh#258