#community-help

Configuring Docker-hosted Typesense with Let's Encrypt SSL Certificates

TLDR Ian asked for help with setting up SSL certificates in a Docker-hosted Typesense. Jason provided suggestions but the issue remains unresolved due to port conflict.

Powered by Struct AI
Apr 05, 2023 (6 months ago)
Ian
Photo of md5-1bde4f522c70474b39040955f7638e33
Ian
08:44 PM
Hi, I was wondering if anyone could help me configure my docker hosted typesense with SSL Certificates from Let's Encrypt? This is my docker command but I'm not able to access the api on port 443.
docker run \
        -p 8108:8108 -v/tmp:/data \
        typesense/typesense:0.24.1 \
          --data-dir /data —-api-address  --api-key= --api-port 443 —-ssl-certificate /etc/letsencrypt/live/website.com/fullchain.pem —-ssl-certificate-key /etc/letsencrypt/live/website.com/privkey.pem

I am able to access typesense only using http on port 8108. If I use https on port 443 I get an xml error message that I don't think is coming from typesense.
09:00
Ian
09:00 PM
So I noticed there was something wrong with the dashes and so typesense wasn't registering the certificates.
Now I get these errors:
http_server.cpp:1065] An error occurred while trying to load server certificate file: /etc/letsencrypt/live/website.com/fullchain.pem
E20230405 20:59:30.382263     1 http_server.cpp:175] Failed to listen on  - No such file or directory
09:19
Ian
09:19 PM
Moved the certificates to a cert folder in the typesense-data directory but still get same errors
Apr 06, 2023 (6 months ago)
Jason
Photo of md5-8813087cccc512313602b6d9f9ece19f
Jason
01:48 AM
API address needs to be an IP address
Ian
Photo of md5-1bde4f522c70474b39040955f7638e33
Ian
01:02 PM
Thanks Jason. When I put the ip address in I get this error message:
http_server.cpp:175] Failed to listen on ip.address:443 - Cannot assign requested address
typesense_server_utils.cpp:511] Typesense API service has quit.
Jason
Photo of md5-8813087cccc512313602b6d9f9ece19f
Jason
02:36 PM
Could you run ifconfig and make sure that the IP address you’re using in the Typesense config file shows up in the output of ifconfig
02:37
Jason
02:37 PM
Or you can just leave out the api address parameter and Typesense will one of the public IP addresses
Ian
Photo of md5-1bde4f522c70474b39040955f7638e33
Ian
03:09 PM
I get device not found for that IP address
04:11
Ian
04:11 PM
With the IP address blank I can use my domain as the address when calling api with HTTPS and port 8108 but does not work with 443
Jason
Photo of md5-8813087cccc512313602b6d9f9ece19f
Jason
05:34 PM
You’d need to port map 443 in the docker command.

So instead of docker run -p 8108:8108 ..., you’d use docker run -p 443:443 ...
Ian
Photo of md5-1bde4f522c70474b39040955f7638e33
Ian
05:53 PM
Will try that, thanks!
07:35
Ian
07:35 PM
Hmmm....looks like something else is using that port: Error starting userland proxy: listen tcp4 0.0.0.0:443: bind: address already in use.