Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve way to specify the private HTTPS port with the container so the Administration Web links uses the right port #103

Open
Vampire opened this issue Oct 30, 2024 · 3 comments
Open

Improve way to specify the private HTTPS port with the container so the Administration Web links uses the right port #103

Vampire opened this issue Oct 30, 2024 · 3 comments
Labels
enhancement New feature or request

Comments

@Vampire
Copy link

Vampire commented Oct 30, 2024

I started SignServer CE from the docker image using

docker run -it --rm -p 8080:8080 -p 8443:8443 -h localhost --name signserver keyfactor/signserver-ce

Then I tried to access https://localhost:8443/signserver/.

The page loads properly, but the link to "Administration Web" is not correct, it uses port 443:
image
@Vampire Vampire added the bug Something isn't working label Oct 30, 2024
@netmackan
Copy link
Collaborator

I believe it currently is a known issue that the admin web link assumes the default ports are being used.

The port for the link can be changed in /opt/signserver/conf/signserver_deploy.properties changing to:

httpserver.external.privhttps=8443

Then when starting the container you can mount in your modified version of signserver_deploy.properties:

docker run -it --rm \
  -p 8080:8080 -p 8443:8443 -h localhost \
  -v /home/user/my-signserver_deploy.properties:/opt/signserver/conf/signserver_deploy.properties \
  --name signserver \
 keyfactor/signserver-ce:6.3.0

Then the link should use what you have set in the config file (i.e. 8443).

Not sure if a container could be made aware of what port mappings are used and if we then could set the right port automagically. Otherwise, maybe we could introduce some ENV variable where the correct port could be specified so that mounting in the conf file would not be necessary.

@Vampire
Copy link
Author

Vampire commented Nov 1, 2024

Or maybe just use a relative path like for the other links and if you want to ensure this path is only access via https, ensure this otherwise?

@netmackan
Copy link
Collaborator

netmackan commented Feb 14, 2025
edited
Loading

Relative paths are not enough as the point with the Administration Web link is to use HTTPS and the port that can accept client-certificate authentication.

I think this is something that the one starting the container will need to provide as this depends on the port-mappings provided with your docker run. Currently it can be achieved by mounting in your own signserver_deploy.properties but we are considering if not this should be possible through an container environment variable to make it easier.

@netmackan netmackan removed the bug Something isn't working label Feb 14, 2025
@netmackan netmackan changed the title [BUG] Administration Web links uses the wrong port Improve way to specify the private HTTPS port so the Administration Web links uses the right port Feb 14, 2025
@netmackan netmackan changed the title Improve way to specify the private HTTPS port so the Administration Web links uses the right port Improve way to specify the private HTTPS port with the container so the Administration Web links uses the right port Feb 14, 2025
@netmackan netmackan added the enhancement New feature or request label Feb 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@netmackan @Vampire