Configure HTTPS Certificates and Windows Hosts File while preparing to run Sitecore using docker
This Article assumed that the variables in the environment (.env) file have been filled in, which means you are almost ready to launch your Sitecore
For Sitecore to run with containers, you have to generate and configure HTTPS certificates and add entries to Windows hosts files. It's necessary to create and configure certificates since the container topologies use HTTPS by default. You first need to check the Traefik folder, then generate the HTTPS certificates, and then add the hostnames to the Windows hosts file.
Follow the suggested steps:
1) Examine the Traefikfolder
Traefik serves as the default reverse proxy or edge router for Docker Compose in Sitecore
Navigate to /{your instance name}/traefik
certs—an empty folder where you'll need to place your generated certificates
config/dynamic/certs_config.yaml—a Traefik configuration file which is used by the Traefik container.
As you can see in certs_config.yaml, this also references certificate files in the certs folder . In the next step, you'll need to create these certificates.
2) Generate Certificates
In this second step we will generate the HTTPS certificates, which ensure secure communication between the browser and the HTTPS reverse proxy container. As per browser requirements and secure environments by default, we must generate certificates for (TLS)/HTTPS.
We have to complete two tasks to generate both the Content Management role and Identity server certificates
a) installing mkcert
b) And, running a script.
The first task, installing mkcert can be achieved in two ways:
a) downloading from Windows
b) Or, using Chocolatey.
Install mkcert with Windows
Step 1: Download the latest (for example - mkcert-v1.4.1-windows-amd64.exe)
Step 2: Rename the downloaded executable file to mkcert.exe
Step 3: Open a command prompt in administrator mode and run the following command [Note: You can also copy to a local folder and specify that when running
.\mkcert.exe -install ]
mkcert -install
Install mkcert using Chocolatey!
Step 1: Run the following commands:
choco install mkcert
mkcert -install
3) Run Script to Generate Certificates
Once you have mkcert installed, we can generate the certificates for the Content Management role and Identity server by running below commands
mkcert -cert-file traefik\certs\xp0cm.localhost.crt -key-file traefik\certs\xp0cm.localhost.key "xp0cm.localhost"
mkcert -cert-file traefik\certs\xp0id.localhost.crt -key-file traefik\certs\xp0id.localhost.key "xp0id.localhost"
4) Final step - Add Windows Hosts File Entries
Step 1: Open up your hosts file (C:\Windows\System32\drivers\etc\hosts)
Step 2: Add the following entries-
127.0.0.1 xp0cm.localhost
127.0.0.1 xp0id.localhost
Step 3: Save your file.
Note: Alternately, you can use SitecoreDockerTools command, Add-HostsEntry.
Add-HostsEntry "xp0cm.localhost"
Add-HostsEntry "xp0id.localhost"
Verify your cert folder -
Reference: Run your first Sitecore instance | Sitecore Documentation