DEV Community

Samuel Andreo
Samuel Andreo

Posted on

2

Dockerized PHP application with SSL

Hello everyone!

I am migrating an old system I developed some years ago to a containerized environment and I need some help with SSL to serve it through HTTPS. My knowledge about this topic is quite low.

The system is composed by two containers:

  • Frontend. AngularJS app served above a NGINX image.
  • Backend. PHP API REST served above the image php:5.6-apache.

Both containers are running in a EC2 instance orchestated by Docker Swarm. The instance is linked to a domain. I know that I could get a certificate from Let's Encrypt but my questions are the following:

  • Should I use the same certificate for the frontend and the backend (both in same domain but different ports)?
  • Is there a way to renew it automatically or integrate it in my pipeline? Or what is the way to deal with this in a container environment.

Finally, if anyone have read something explaining this, please write it in the comments :)

Many thanks for your help!

Heroku

Deliver your unique apps, your own way.

Heroku tackles the toil — patching and upgrading, 24/7 ops and security, build systems, failovers, and more. Stay focused on building great data-driven applications.

Learn More

Top comments (1)

Collapse
 
dmfay profile image
Dian Fay

Let's Encrypt more or less assumes you're going to automate renewal since their certs are only good for 90 days. They have an officially-supported tool but numerous others exist since there's a well-defined protocol for renewing certificates (ACME); check their website for a list.

I wouldn't call myself a security expert but as far as I'm aware you only need one certificate covering communications with users and won't stand to gain much by adding SSL between nodes in your cluster.

Image of PulumiUP 2025

Transform Your Cloud Infrastructure

Join PulumiUP 2025 on May 6 for Expert Insights & Demos.

Register Now

👋 Kindness is contagious

Explore a trove of insights in this engaging article, celebrated within our welcoming DEV Community. Developers from every background are invited to join and enhance our shared wisdom.

A genuine "thank you" can truly uplift someone’s day. Feel free to express your gratitude in the comments below!

On DEV, our collective exchange of knowledge lightens the road ahead and strengthens our community bonds. Found something valuable here? A small thank you to the author can make a big difference.

Okay