Version: 2026 R2

Docker Configuration

Docker is the recommended way to run AI Proxy Self-hosted. Using the prebuilt container image removes the complexity of installing .NET, managing dependencies, and configuring the runtime environment. Containerization also ensures consistent behavior across different environments — from a local machine running Docker Desktop, through production servers, to orchestration platforms such as Kubernetes or Azure Container Instances.

This guide provides ready-to-use docker-compose configurations for three main scenarios: a basic deployment with a PEM certificate, a configuration with a password-protected PFX certificate, and a more advanced deployment with Azure Application Insights integration for monitoring. Each configuration includes a description of the relevant parameters and startup instructions.

If you are deploying AI Proxy for the first time, we recommend starting with Variant 1, which uses a PEM certificate. It is the simplest option and works across all supported platforms.

Requirements

Docker Desktop or Docker Engine
an SSL/TLS certificate in PEM or PFX format
an aiconfiguration.json file

SSL Certificate

For production environments, use a certificate issued by a trusted certificate authority. For development environments, a self-signed certificate can be used. Example commands for generating one are provided at the end of this page.

Docker Compose Configurations

The following sections describe three configuration variants for different deployment scenarios.

Variant 1: PEM Certificate (`docker-compose-basic-pem.yml`)

This is the basic configuration for certificates in PEM format, such as certificates issued by Let’s Encrypt or generated with OpenSSL.

name: aiproxy_containers
services:
  ai-proxy:
    image: webconbps/aiproxy:1.0.0.235
    container_name: ai-proxy
    restart: unless-stopped
    ports:
      - "5298:8080"
      - "7033:8081"
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - AppConfiguration__SelfHosted__Certificate__Path=/app/https/certificate.pem
      - Logging__LogLevel__Default=Information
      - Logging__LogLevel__Microsoft=Warning
    volumes:
      - ./certificates/certificate.pem:/app/https/certificate.pem:ro
      - ./aiconfiguration.json:/app/aiconfiguration.json:ro

Variant 2: PFX Certificate (`docker-compose-basic-pfx.yml`)

This configuration is intended for password-protected certificates in PFX format. This format is commonly used in Windows environments.

name: aiproxy_containers
services:
  ai-proxy:
    image: webconbps/aiproxy:1.0.0.235
    container_name: ai-proxy
    restart: unless-stopped
    ports:
      - "5298:8080"
      - "7033:8081"
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - AppConfiguration__SelfHosted__Certificate__Path=/app/https/certificate.pfx
      - AppConfiguration__SelfHosted__Certificate__Password=<hasło>
      - Logging__LogLevel__Default=Information
      - Logging__LogLevel__Microsoft=Warning
    volumes:
      - ./certificates/certificate.pfx:/app/https/certificate.pfx:ro
      - ./aiconfiguration.json:/app/aiconfiguration.json:ro

Password security

Replace <password> with the actual password for the PFX certificate. In production environments, consider using mechanisms such as Docker secrets instead of storing the password directly in the configuration file.

Variant 3: Application Insights (`docker-compose-applicationinsights.yml`)

This configuration extends the deployment with Azure Application Insights integration, enabling performance monitoring, log collection, and overall application diagnostics.

name: aiproxy_containers
services:
  ai-proxy:
    image: webconbps/aiproxy:1.0.0.235
    container_name: ai-proxy
    restart: unless-stopped
    ports:
      - "5298:8080"
      - "7033:8081"
    environment:
      - ASPNETCORE_ENVIRONMENT=Production
      - AppConfiguration__SelfHosted__Certificate__Path=/app/https/certificate.pem
      - 'AppConfiguration__ApplicationInsightsConnectionString=<connection-string>'
      - Logging__LogLevel__Default=Information
      - Logging__LogLevel__Microsoft=Warning
      - Serilog__Using__0=Serilog.Sinks.Console
      - Serilog__Using__1=Serilog.Sinks.ApplicationInsights
      - Serilog__WriteTo__0__Name=Console
      - Serilog__WriteTo__1__Name=ApplicationInsights
      - 'Serilog__WriteTo__1__Args__connectionString=<connection-string>'
      - Serilog__WriteTo__1__Args__telemetryConverter=Serilog.Sinks.ApplicationInsights.TelemetryConverters.TraceTelemetryConverter, Serilog.Sinks.ApplicationInsights
    volumes:
      - ./certificates/certificate.pem:/app/https/certificate.pem:ro
      - ./aiconfiguration.json:/app/aiconfiguration.json:ro

Connection String from Azure

Replace <connection-string> with the actual connection string from Azure Portal, in the Application Insights > Properties section.

How to run AI Proxy - step by step

1. Prepare the files

Create a certificates directory and place your certificate file in it:

mkdir certificates
# Copy your certificate to ./certificates/certificate.pem (or .pfx)

Make sure the aiconfiguration.json file is located in the same directory as the docker-compose file.

2. Container startup

docker-compose up -d

3. Check the status

# Check if the container is running
docker-compose ps

# View logs
docker-compose logs -f ai-proxy

4. Shutdown

docker-compose down

Generating test certificates

For development environments, you can generate a self-signed certificate.

PEM Certificate (OpenSSL)

# Generate certificate
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes

# Combine into one file
cat key.pem cert.pem > certificate.pem

# Move to certificates directory
mv certificate.pem ./certificates/

PFX Certificate (PowerShell)

# Generate certificate
$cert = New-SelfSignedCertificate -DnsName "localhost" -CertStoreLocation "cert:\CurrentUser\My" -NotAfter (Get-Date).AddYears(1)

# Export to PFX
$password = ConvertTo-SecureString -String "YourPassword123" -Force -AsPlainText
Export-PfxCertificate -Cert $cert -FilePath ".\certificates\certificate.pfx" -Password $password

Troubleshooting

Container does not start

# Check logs
docker-compose logs ai-proxy

# Check status
docker ps -a

Possible causes:

the certificate file is missing from the ./certificates/ directory,
the aiconfiguration.json file is invalid,
ports 5298 or 7033 are already in use.

Ports occupied

If the required ports are already in use, change them in the docker-compose.yml file:

ports:
  - "5299:8080"  # Change first port
  - "7034:8081"  # Change first port

Then check which process is using the port:

netstat -ano | findstr :7033

Certificate problems

# Check if certificate is valid
openssl x509 -in ./certificates/certificate.pem -text -noout

# Check if container sees the file
docker exec ai-proxy ls -l /app/https/

Requirements​

Docker Compose Configurations​

Variant 1: PEM Certificate (docker-compose-basic-pem.yml)​

Variant 2: PFX Certificate (docker-compose-basic-pfx.yml)​

Variant 3: Application Insights (docker-compose-applicationinsights.yml)​

How to run AI Proxy - step by step​

1. Prepare the files​

2. Container startup​

3. Check the status​

4. Shutdown​

Generating test certificates​

PEM Certificate (OpenSSL)​

PFX Certificate (PowerShell)​

Troubleshooting​

Container does not start​

Ports occupied​

Certificate problems​