Debian behind TLS Proxy

Behind Corp Proxy let’s assume you’re behing a Corp Proxy which enforce TLS Inspection, you don’t have the Proxy Cert and you want to Upgrade your Boxes … … and of course, you do this in the LAB and for Research only and not your Productiv Environment! TLS Inspection enabled apt-get upate W: Failed to fetch Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification.


Run Simple Secure Webserver in 20 sec assuming you have Docker Instance and wanna run a Secure Webserver in a few Seconds ? Here is an Example how todo it … Fireup Docker start a fresh and empty Container with Alpine Linux. Get a Shell. Docker will be removed when you leave the shell (–rm) docker run -it --rm -p 80:80 -p 443:443 --name alpine-ssl alpine /bin/sh Set FQDN this should point to your ip address …

Docker - Traefik - Wildcard Cert

Intro TLS is must, but do you wanna generate a own Certificate for each Service you Provide ? Specially, when you have a *.domain.tld Record set ? Trafik is able to handle that for you. Let’s Encrypt offers the possibility to use DNS Validation for Wildcard Domains. Here is a list of Providers that can automate DNS Verfication. Helpful URL Fully Example with Docker Compose, Traefik, Digital Ocean Prepare Env cd /where/ever/you/want mkdir data touch data/acme.