We run several self-developed .NET Blazor web applications as Docker containers on a Linux server. Each container runs on port 80 (HTTP) and can be accessed via different host ports (e.g. http://server-ip:8080 for application A, http://server-ip:8081 for application B, etc.).
To make the URLs to the applications more descriptive, we use DNS entries. For example, the host server has the address host.intra.contoso.de, and the applications are accessible via DNS entries such as application1.intra.contoso.de and application2.intra.contoso.de, which also point to the host.
Now we would like to switch the communication to HTTPS.
The main questions are:
1. What is the best approach to enable HTTPS for this architecture? Should we:
   1.1. Implement HTTPS directly in the Docker containers?
   1.2. Use a reverse proxy like Nginx on the host to manage the certificates and route the requests?
2. Are there any special challenges when using SSL encryption due to the use of DNS records (e.g. anwendung1.intra.contoso.de)? How should we manage the certificates and configure the reverse proxy or the applications accordingly?
Additional information:
- The applications are only accessible in the internal network.
- Certificates are provided by our internal certificate management.
- It would be ideal if we could continue to use existing URLs (with the DNS entries).
If further information is required, I will provide it as soon as possible. Thank you very much for any kind of support!
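Option 1.2 from the question, sketched as an Nginx configuration; this is an added example and not part of the original post. It terminates TLS on the host and routes by DNS name to the existing host ports 8080 and 8081. Assumptions: the certificate paths are placeholders, the container ports are re-published on loopback only, and the apps may be Blazor Server (which needs the WebSocket headers).

```nginx
# Assumed to be included inside the http {} block, e.g. as /etc/nginx/conf.d/apps.conf.
# Assumption: containers are published on loopback only (docker run -p 127.0.0.1:8080:80 ...),
# so the unencrypted ports are no longer reachable from the network.

# Sets the Connection header for WebSocket upgrades (used by Blazor Server / SignalR).
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

# Plain HTTP only redirects to HTTPS, so existing bookmarks keep working.
server {
    listen 80;
    server_name application1.intra.contoso.de application2.intra.contoso.de;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name application1.intra.contoso.de;
    # The certificate's subjectAltName must contain this server_name.
    ssl_certificate     /etc/nginx/tls/application1.fullchain.pem;  # placeholder path
    ssl_certificate_key /etc/nginx/tls/application1.key;            # placeholder path
    ssl_protocols       TLSv1.2 TLSv1.3;
    location / {
        proxy_pass http://127.0.0.1:8080;                # application A
        proxy_http_version 1.1;
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;      # lets the app know the client used HTTPS
        proxy_set_header Upgrade           $http_upgrade;
        proxy_set_header Connection        $connection_upgrade;
    }
}

server {
    listen 443 ssl;
    server_name application2.intra.contoso.de;
    ssl_certificate     /etc/nginx/tls/application2.fullchain.pem;  # placeholder path
    ssl_certificate_key /etc/nginx/tls/application2.key;            # placeholder path
    ssl_protocols       TLSv1.2 TLSv1.3;
    location / {
        proxy_pass http://127.0.0.1:8081;                # application B
        proxy_http_version 1.1;
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Upgrade           $http_upgrade;
        proxy_set_header Connection        $connection_upgrade;
    }
}
```

Clients must trust the internal CA that issued the certificates, and `nginx -t` validates the file before a reload.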