Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Adding SSL certificates to a mysql docker container

Tags:

docker

mysql

nginx

ssl

django

I am building a docker container for a django application, which uses nginx and uwsgi. For the Database the application is using mysql, which is located in a different container and both of them are link with a docker-compose.yml file:

version: '2'
services:
    mysql:  
        image: mysql:latest
        environment:
            -MYSQL_DATABASE: TheDatabase
            -MYSQL_ALLOW_EMPTY_PASSWORD: 'yes'
            -MYSQL_USER: TheUsername
            -MYSQL_PASSWORD: ThePassword

        ports:
            -"3306:3306"

    django:
        build: .
        volumes:
            - .:/app
        ports:
            - "443:443"
            - "8000:8000"
        links:
            - mysql

I am using SSL certificates, which are self-signed using OpenSSL and are included in the nginx.conf file. The problem is that every time I run the containers and try to log as the superuser I get the following error 504 Timed Out. After a decent amount of thinking I came to the conclusion that the issue is in the connection to the mysql database. I did enter the mysql container and saw that the Database is there and after inspecting the tables, I saw that all the tables have been created. However, after reading the logs I noticed the following line:

[Warning] Failed to set up SSL because of the following SSL library error: SSL context is not usable without certificate and private key.

How am I supposed to add the SSL key and certificate, when I am using a ready image from the docker hub? Is that why I getting the 504 Timed out error? I am also getting the following 3 Warnings:

[Warning] 'db' entry 'sys mysql.sys@localhost' ignored in --skip-name-resolve mode.

[Warning] 'proxies_priv' entry '@ root@localhost' ignored in --skip-name-resolve mode.

[Warning] 'tables_priv' entry 'sys_config mysql.sys@localhost' ignored in --skip-name-resolve mode

like image 569
filtfilt Avatar asked Dec 06 '16 14:12

filtfilt

People also ask

Does MySQL client use SSL?

MySQL supports encrypted connections between clients and the server using the TLS (Transport Layer Security) protocol. TLS is sometimes referred to as SSL (Secure Sockets Layer) but MySQL does not actually use the SSL protocol for encrypted connections because its encryption is weak (see Section 6.3.

1 Answers

"If you want the server to be able to deploy with automatic support for secure connections, use the mysql_ssl_rsa_setup utility to create default SSL and RSA files:

shell> mysql_ssl_rsa_setup

For more information, see Section 4.4.5, “mysql_ssl_rsa_setup — Create SSL/RSA Files”.

mysql_ssl_rsa_setup

Only the MySQL enterprise edition server will create the certificates for you at --initialize time.

Courtesy-MySQL

like image 193
Vineeth Avatar answered Oct 17 '22 21:10

Vineeth
Sign in to Comment

Related questions

OR conflict between other conditions
Find and remove duplicate rows by two columns
How to combine two tables in a query
Freak MySql error with MAMP
SQL syntax error near gunzip when restoring a database using .sql.gz file
Unable to stop MySQL on OS X 10.10
xampp mysql and phpmyadmin dont work
Is MySQL Query containing sub-query atomic?
what's the proper way to handle timeouts for active record with a connection pool?
What is best performance for Retrieving MySQL EAV results as Relational Table
Indices and using primary keys as indices in MySQL
Deleting file created from mysql
Host 'hostname' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
Clarifying the difference between row-level lock in InnoDB engine and table-level lock in MyISAM engine in MySQL database
Can We Pass Multiple Parameters To A Function In Controller?
No exception being thrown when opening MySqlConnection?
MySQL excessive memory usage

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!