3.2 C
New York
Thursday, February 9, 2023

Buy now

How to force Portainer to use HTTPS and upload your SSL certificates

If Portainer is your go-to GUI for Docker and Kubernetes, you should consider adding some extra security to the implementation.

A developer adding extra security to their implementation.
Image: Christina Morillo/Pexels

Portainer is one of the most powerful and easy-to-use GUIs for Docker and Kubernetes management. This well-designed GUI allows you to work with almost every aspect of your container deployments. Portainer smoothes out Kubernetes’ rather steep learning curve, making it significantly easier for your teams to manage namespaces, networks, pods, ingresses, Helm, ConfigMaps & Secrets, Volumes, and even the cluster.

SEE: Rental Kit: Back-end Developer (Tech Republic Premium)

Over the past few years I have found Portainer to be an invaluable tool. My usual method of deploying Portainer is through a Microk8s cluster, which is the easiest method of getting Kubernetes support into the web-based GUI; however, when deployed this way, Portainer can be accessed over HTTP or HTTPS and does not use SSL certificates. Fortunately, Portainer makes it easy to force HTTPS and upload your SSL certificates. I’ll show you how this is done.

Remark: When you force HTTPS in Portainer, HTTP access stops working. After you force HTTPS, Portainer doesn’t automatically redirect connections from HTTP to HTTPS, so you’ll need to notify anyone who has access to Portainer of the new address.

Jump to:

What you need to force Portainer to use HTTPS and SSL

You need a running Portainer instance, an SSL certificate, and a user with administrative privileges. The SSL certificate can be purchased or self-signed. You need both an X.509 certificate and a private key.

Force HTTPS in Portainer

Log in to your Portainer instance as an administrator, then click Settings in the left sidebar (Image A).

Image A

You can access the Settings page from the Portainer sidebar.
You can access the Settings page from the Portainer sidebar.

On the resulting page, scroll down to the SSL Certificate section and click the ON/OFF option for Force HTTPS Only until it is in the ON position (Figure B).

Figure B

Force HTTPS in Portainer.
Force HTTPS in Portainer.

After enabling Forced HTTPS, click Apply Opportunities; once it’s saved, you’ll be kicked out of Portainer. In the address bar of your browser, type the new address where SERVER is either the IP address or the domain of the hosting server.

How to add your SSL certificate to Portainer

You need two files: the X.509 certificate and your private key. It doesn’t matter if these are purchased or self-signed keys, but for production environments I recommend a key purchased from a certificate authority such as DigiCert.

Once you have obtained your SSL certificates, go back to the Portainer settings window, scroll down to the SSL Certificate section and click the top Select File button (Figure C) to add your X.509 certificate.

Figure C

Upload your SSL key files to Portainer.
Upload your SSL key files to Portainer.

Click the bottom Select file button and upload your private key file. After selecting both keys, click Apply changes. You should not be forced out of Portainer; instead, you can select your environment and get to work.

Enable these features for added security

Probably don’t use websites or services that don’t use HTTPS and SSL. With Portainer, adding these features is so easy that anyone can do this task. I recommend enabling these features before rolling out the platform to your teams so you don’t have to send them an email with new instructions on how to reach the site.

Be sure to read more of my TechRepublic tutorials on Portainer: adding a new development environment to Portainer, adding a verified Docker Hub registry in Portainer for a more robust development platform, and using Helm charts with Portainer.

Subscribe to TechRepublic’s How to make technology work on YouTube for the latest technical advice for business professionals from Jack Wallen.

Source link

Related Articles


Please enter your comment!
Please enter your name here

Stay Connected


Latest Articles