DEV Community

Cover image for Secure Apache with SSL in Docker
Tshenolo Mos
Tshenolo Mos

Posted on

Secure Apache with SSL in Docker

#docker #apache #ssl #localhost

This guide will walk you through setting up an Apache server with PHP support within a Docker container, secured with an SSL certificate for local development purposes. We’ll ensure that the server can be accessed securely via https://localhost using a self-signed SSL certificate. If you’re eager to jump straight into the code, you can locate the complete project on GitHub. Feel free to access it at https://github.com/tshenolo/docker-Secure-Apache.

Table of Contents

  1. Introduction
  2. Prerequisites
  3. Step 1: Preparing SSL Certificates
  4. Step 2: Creating the Dockerfile
  5. Step 3: Configuring Apache for SSL
  6. Step 4: Building and Running the Docker Container
  7. Step 5: Accessing Your Secure Apache Server
  8. Conclusion

Introduction

Deploying your web applications in a development environment that closely mirrors your production setup is crucial. This guide focuses on configuring an Apache server with SSL in Docker, providing a secure, isolated environment for development.

Check out my Youtube Channel where I post all kinds of content accompanying my posts, including this video showing everything in this post.

Prerequisites

  • Docker installed on your machine.
  • Basic knowledge of Docker, Apache, and SSL certificates.
  • OpenSSL for generating a self-signed certificate (if not already installed).

Step 1: Preparing SSL Certificates

Before setting up the Docker container, you’ll need to generate a self-signed SSL certificate for localhost. Open a terminal and run:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -subj "/C=US/ST=YourState/L=YourCity/O=YourOrganization/CN=localhost"
Enter fullscreen mode Exit fullscreen mode

This command generates a new SSL certificate (localhost.crt) and a private key (localhost.key), valid for 365 days.

Step 2: Creating the Dockerfile

Create a Dockerfile in your project directory with the following contents:

# Use an official PHP image with Apache
FROM php:7.4-apache

# Install Vim (optional)
RUN apt-get update && \
    apt-get install -y vim && \
    rm -rf /var/lib/apt/lists/*

# Copy SSL certificate and key
COPY localhost.crt /etc/ssl/certs/localhost.crt
COPY localhost.key /etc/ssl/private/localhost.key

# Copy the custom Apache virtual host config
COPY ./my-httpd-vhosts.conf /etc/apache2/sites-available/my-ssl.conf

# Enable SSL module, configure Apache for PHP support, and enable our SSL site configuration
RUN a2enmod ssl && \
    a2enmod rewrite && \
    a2dissite 000-default default-ssl && \
    a2ensite my-ssl

# Copy your PHP application into the default Apache document root
COPY ./public-html/ /var/www/html/
Enter fullscreen mode Exit fullscreen mode

Step 3: Configuring Apache for SSL

Create a file named my-httpd-vhosts.conf in your project directory with the following Apache virtual host configuration:

<VirtualHost *:443>
    DocumentRoot "/var/www/html"
    ServerName localhost

    SSLEngine on
    SSLCertificateFile "/etc/ssl/certs/localhost.crt"
    SSLCertificateKeyFile "/etc/ssl/private/localhost.key"

    # Other directives here
</VirtualHost>
Enter fullscreen mode Exit fullscreen mode

Step 4: Building and Running the Docker Container

With the Dockerfile and SSL configuration in place, build your Docker image:

docker build -t apache-php-ssl .
Enter fullscreen mode Exit fullscreen mode

Then, run your container:

docker run -d -p 443:443 apache-php-ssl
Enter fullscreen mode Exit fullscreen mode

This command starts a container from your image, mapping port 443 inside the container to port 443 on your host machine.

Step 5: Accessing Your Secure Apache Server

Open a web browser and navigate to https://localhost. You should see your PHP application running securely under HTTPS. Since the certificate is self-signed, your browser may warn you about the site’s security certificate. You can proceed by allowing an exception for this certificate.

Conclusion

You’ve successfully set up an Apache server with SSL inside a Docker container, making your local development environment secure and more aligned with production settings. This setup ensures that your development practices include necessary security measures right from the start.

Thank you for reading this blog post. If you found the post helpful or interesting, here are a few ways you can show your support:

🐦 Follow me on X
📺 Subscribe to my Youtube channel
Your support and engagement means a lot to me as an open-source developer.

Top comments (0)