jgraph
image-export with self signed CA & certs -> ERR_CERT_AUTHORITY_INVALID
Hey, I'm trying to get image-export running so we can export diagrams as PDFs, but unfortunately I cannot get it to work:
services:
image-export:
image: jgraph/export-server
expose:
- "8000"
networks:
- drawionet
volumes:
- ./fonts:/usr/share/fonts/drawio
environment:
- DRAWIO_BASE_URL=https://test-drawio.example.org
drawio:
image: jgraph/drawio
ports:
- 7071:8443
- 7070:8080
depends_on:
- image-export
networks:
- drawionet
environment:
- EXPORT_URL=http://image-export:8000/
- DRAWIO_BASE_URL=https://test-drawio.example.org
- DRAWIO_SERVER_URL=https://test-drawio.example.org
networks:
drawionet:
I tried to build the container myself with this lines added to Dockerfile:
COPY CA.crt /usr/local/share/ca-certificates/CA.crt
RUN update-ca-certificates
but the error keeps occuring.
We got this working with an (internal) self signed wildcard cert using Traefik as a middleman. No modifications were needed to the docker containers, and no certs needed to be inserted beyond what is done for Traefik.
This will vary depending on how you setup Traefik (Or your reverse proxy of choice), but basically the 3 containers route their traffic through the traefik network.
Added to each container -
labels: - "traefik.enable=true" - "traefik.http.routers.drawio.rule=Host(drawio.domain.xxx)" - "traefik.http.routers.drawio.entrypoints=websecure" - "traefik.http.routers.drawio.tls=true" - "traefik.http.services.drawio.loadbalancer.server.port=8080"
Added to the bottom of the docker-compose
networks: drawionet: traefik_default: external: true
