Not the answer you need?
Register and ask your own question!

Trusted certificates (SSL/TLS) instead of self signed cdrtificates

Does PMM support the use of "trusted" certificates, i.e. let's encrypt instead via some docker environment variable?


  • stefan-nlstefan-nl Entrant Inactive User Role Novice
    log in to docker container and replace the following files with your own key/certificate(s):

    - /srv/nginx/certificate.key
    - /srv/nginx/certificate.crt
    - /srv/nginx/ca-certs.pem

    Changing other settings of nginx (like redirect 80 -> 443) can not be persistently changed as those reside on /etc/nginx. Maybe move the nginx conf to /srv/nginx to make persistent changes?
  • Sean225Sean225 Entrant Current User Role Supporter
    How do I log into the docker container? I remember doing this when PMM first came out, but have since forgotten. Would I change the actual files within the docker image? I remember an earlier v1 setting for mounting /etc/pmm-certs to /srv/nginx/ in the startup to PMM-server.
  • lorraine.pocklingtonlorraine.pocklington Percona Community Manager Legacy User Role Patron
    There is now a feature request for the original request, you can follow that at
    Thanks to stefan-nl for creating the post.
  • johnpittonjohnpitton Entrant Current User Role Supporter
    One can also always just mount the volume too while issuing the docker run command. Make sure to include the dhparam.pem along with the ca, cert and key within this volume.
    {... -v /etc/nginx/ssl:/srv/nginx ...}

    To "log into" the docker container and get a bash prompt you just issue:
    {docker exec -it pmm-server /bin/bash}
Sign In or Register to comment.

MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright ©2005 - 2020 Percona LLC. All rights reserved.