I am using microservice-based architecture in my application and my frontend is in ReactJS and it is deployed on Azure Kubernetes Services(AKS). I am using Nginx as a host for my React web application. I have purchased a standard SSL certificate from GoDaddy for security purposes.
I have 2-3 questions about it.
I got a Zip file when I purchased the SSL certificate and it contains 3 files named
a. 2.........abc.crt
b. gd_bundle-g2-g1.crt
c. 2.........abc.pem
What are the uses of these 3 files? .pem file contains the public key then how do I get the private key?
Here is my sample Dockerfile,
WORKDIR /app
ENV PATH /app/node_modules/.bin:$PATH
COPY package.json /app/package.json
RUN npm install --silent
RUN npm install react-scripts@3.0.1 -g --silent
COPY . /app
RUN npm run build
# production environment
FROM nginx:1.16.0-alpine
COPY --from=build /app/build /usr/share/nginx/html
RUN rm /etc/nginx/conf.d/default.conf
RUN rm -rf /tmp/nginx
COPY nginx /tmp/nginx
RUN cat /tmp/nginx/2........abc.crt /tmp/nginx/gd_bundle-g2-g1.crt > /tmp/nginx/www.xxx.yyy.com.crt
RUN mkdir -p /etc/nginx/ssl
RUN cp /tmp/nginx/www.xxx.yyy.com.crt /etc/nginx
RUN cp /tmp/nginx/www.xxx.yyy.com.key /etc/nginx
RUN mv /tmp/nginx/2.........abc.pem /etc/nginx/ssl/www.xxx.yyy.com.pem
RUN cp /etc/nginx/ssl/www.xxx.yyy.com.pem /etc/nginx/www.xxx.yyy.com.pem
COPY nginx/nginx.conf /etc/nginx/conf.d
COPY nginx/nginx.ssl.conf /etc/nginx/conf.d
EXPOSE 80 443
CMD ["nginx", "-g", "daemon off;"]Here is my nginx.ssl.conf file
server {
listen 443 ssl;
server_name www.xxx.yyy.com;
ssl_certificate /etc/nginx/www.xxx.yyy.crt;
ssl_certificate_key /etc/nginx/www.xxx.yyy.com.pem;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
In my conf file, I have used .pem in ssl_certificate_key because I don't have a private key. Is this a correct approach?