Setting up an HTTPS reverse proxy
The next step is to introduce support for HTTPS, which will be handled by a proxy package named HAProxy (https://www.haproxy.org). There are many proxies available, but this is one that I have used for many years and have always found reliable.
To prepare for the proxy, copy your certificate and key files into the sportsstore folder with the names cert.pem and key.pem. Chapter 5 contains instructions for creating a free self-signed certificate, or you can copy the files from the GitHub project for this chapter, which contains a self-signed certificate that I created.
You can use a real certificate, but you must ensure that the domain name associated with the certificate resolves to the machine on which you are running the containers, which can be difficult to arrange.
To create the proxy configuration file, add a file named haproxy.cfg to the sportsstore folder with the content shown in Listing 21.23.
Listing 21.23: The...
