Just use Apache or NGINX reverse proxy to handle the SSL... Or if you really go down that road with M/Monit, here are some hints below.
Eventually backup your container as it is,
docker commit -p mmonitprod mmonit.`date +%s`.before.ssl
Make sure the hostname you are going to use resolves itself on the container, e.g.,
vi /etc/hosts 172.17.0.4 mmonit.example.com mmonit
From the docker host, CONCATENATE IN THAT ORDER and send your SSL certificates to the container,
cd /etc/httpd/ssl/ cat private_key.pkey certificate.crt intermediate_and_ca.crt > allcert.pem chmod 400 allcert.pem cp -p allcert.pem /data/mmonitprod/
Note. alternatively, you could also,
#on the docker host, cp -p allcert.pem ~scpuser/ chown scpuser:scpuser ~scpuser/allcert.pem #on the mmonit container, apt install openssh-client scp remoteuser@dockerhost:~/alcert.pem ~/ #back to the docker host, don't forget to, rm -f ~scpuser/allcert.pem
In any case, make sure
allcert.pem is copied into
mmonit/conf/ with perms 400 and ownership (TODO CHECK root vs mmonit user).
cd /root/mmonit/conf/ cp -pi server.xml server.xml.dist export TERM=xterm vi server.xml <Connector address="*" port="443" processors="10" secure="true" /> <Engine name="mmonit" defaultHost="mmonit.example.com" fileCache="10MB"> <Host name="mmonit.example.com" appBase="." address="172.17.0.4" certificate="conf/allcert.pem">
Note. change to container's IP address accordingly.