By default the Docker image comes with a self signed certificate that is valid for one year. To provide a different certificate, the file names names nautobot.key and nautobot.crt within the /opt/nautobot/ directory is required. With these files present on the host running the Docker compose, use the following as volume mounts into the nautobot container.
nautobot:
image: "networktocode/nautobot:latest"
env_file:
- "local.env"
ports:
- "8443:8443"
- "8080:8080"
restart: "unless-stopped"
volumes:
- "./nautobot.key:/opt/nautobot/nautobot.key:ro"
- "./nautobot.crt:/opt/nautobot/nautobot.crt:ro"If you do not have your own self signed certificate, you may generate them by using OpenSSL.
OpenSSL is included with many UNIX operating systems, but may need to be installed on your system first.
Check to see if OpenSSL is installed on your system
user@ntc# openssl version
LibreSSL 2.8.3If you do not have OpenSSL installed, please follow the installation guidelines.
Once OpenSSL is installed, run the following command to generate the certificates.
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./environments/nautobot.key -out ./environments/nautobot.crtYou will be prompted with information to fill out for your certificate.
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:New York
Locality Name (eg, city) []:New York City
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Bouncy Castles, Inc.
Organizational Unit Name (eg, section) []:Ministry of Water Slides
Common Name (e.g. server FQDN or YOUR name) []:server_IP_address
Email Address []:admin@your_domain.comFinally, ensure your newly generated certificates are in the correct location.
user@ntc# ls ./environments/
nautobot.crt nautobot.key