SSL issue with docker

[umardraz]

Hi

I am trying to launch stack in docker swarm but getting some ssl issue here is my docker-compose.yml file

version: "3.3"

services:

  app:
    image: senaite/senaite:v2.5.0
    networks:
      - net
      - swarm-web
    volumes:
      - zeo:/data
    logging:
      driver: json-file
    deploy:
      labels:
        - "traefik.enable=true"
        - "traefik.docker.network=swarm-web"
        - "traefik.http.routers.senaite.entrypoints=https"
        - "traefik.http.routers.senaite.rule=Host(`demo.mydomain.net`)"
        - "traefik.http.routers.senaite.tls=true"
        - "traefik.http.routers.senaite.service=senaite"
        - "traefik.http.routers.senaite.tls.certresolver=http"
        - "traefik.http.routers.senaite.middlewares=security_headers@file"
        - "traefik.http.services.senaite.loadbalancer.server.port=8080"
      resources:
        reservations:
          cpus: '1'
          memory: 2048M
      update_config:
        parallelism: 2
        delay: 10s
      restart_policy:
        condition: on-failure

networks:
  swarm-web:
    external: true
  net:
    driver: overlay
    attachable: true
    driver_opts:
      encrypted: 'true'

volumes:
  zeo:
    driver: local

Now I am getting these error in browser console.

Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.Understand this errorAI
demo.mydomain.net/:1 Mixed Content: The page at 'https://demo.mydomain.net/' was loaded over HTTPS, but requested an insecure element 'http://demo.mydomain.net/++plone++senaite.core.static/images/senaite.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.htmlUnderstand this warningAI
demo.mydomain.net/:8 Mixed Content: The page at 'https://demo.mydomain.net/' was loaded over HTTPS, but requested an insecure stylesheet 'http://demo.mydomain.net/++plone++senaite.core.static/modules/bootstrap/css/bootstrap.min.css'. This request has been blocked; the content must be served over HTTPS.Understand this errorAI
demo.mydomain.net/:33 Mixed Content: The page at 'https://demo.mydomain.net/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://demo.mydomain.net/@@senaite-addsite'. This endpoint should be made available over a secure connection.Understand this warningAI
demo.mydomain.net/:1 Mixed Content: The page at 'https://demo.mydomain.net/' was loaded over HTTPS, but requested an insecure element 'http://demo.mydomain.net/++plone++senaite.core.static/images/senaite.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.htmlUnderstand this warningAI
demo.mydomain.net/:1 Mixed Content: The page at 'https://demo.mydomain.net/' was loaded over HTTPS, but requested an insecure favicon 'http://demo.mydomain.net/++plone++senaite.core.static/images/favicon.ico'. This request has been blocked; the content must be served over HTTPS.

Would you please help me that how I can solve this issue

[ngslabex]

Can you try that:

labels:
        - "traefik.enable=true"
        - "traefik.http.routers.app.entrypoints=websecure"
        - "traefik.http.routers.app.rule=Host(`demo.mydomain.net`)"
        - "traefik.http.routers.app.tls=true"
        - "traefik.http.routers.app.service=app"
        - "traefik.http.routers.app.tls.certresolver=staging"
        - "traefik.http.services.app.loadbalancer.server.port=8080"
        - "traefik.http.routers.app.middlewares=gzip,sslheader"
        - "traefik.http.middlewares.app.addprefix.prefix='/VirtualHostBase/https/demo.mydomain.net/senaite/VirtualHostRoot'"
        - "traefik.http.middlewares.gzip.compress=true"
        - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
        - "traefik.http.middlewares.limit.buffering.memRequestBodyBytes=20971520"

You must change twice demo.mydomain.net