Many customers would like to replace our server certificates with their own certificates issued with the correct common name and using their company or commercial Certificate Authority (CA).
The paths for the files that you need to overwrite are as defined in /etc/nginx/conf.d/dispatcher.conf within the nginx docker container:
- /etc/nginx/server.crt
- /etc/nginx/server.key
Step1: Prepare custom SSL Cert
Copy the custom server.crt and server.key files to the /home/vsts/ctas/ directory.
- server_cert.crt: crt file for the new certificate
- server_cert.key: key file for the new certificate
Step2: Update docker compose
Update nginx section of the docker compose, to mount server.crt and server.key
nginx:
restart: unless-stopped
networks:
- onprem
depends_on:
- ctasdispatcher
---
# add-on config
volumes:
- ./server.crt:/etc/nginx/server.crt
- ./server.key:/etc/nginx/server.key
ports:
- "443:8443"
Step3: Restart containers
cd /home/vsts/ctas/ docker compose -f docker-compose.yaml down docker compose -f docker-compose.yaml up -d