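At first I suspected things like the key length, but in the end it was a careless mistake: I had left the Common Name empty when generating the CSR.
Fix
After regenerating the CSR with a Common Name specified, regenerating the certificate, and importing it again, the import succeeded.
For the Common Name I specified the ALB's DNS name (e.g. hogehoge-elb-xxxxxxxxxx.us-east-2.elb.amazonaws.com).
# Generate the CSR
$ openssl req -new -key ./server.key -out ./server.csr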
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code)[]:JP
State or Province Name (full name)[]:
Locality Name (eg, city)[]:
Organization Name (eg, company)[]:
Organizational Unit Name (eg, section)[]:
Common Name (eg, fully qualified host name)[]: ★ Specify the ALB's DNS name here
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
# Generate the certificate
$ openssl x509 -in server.csr -days 365 -req -signkey server.key -out server.crt
Signature ok
subject=/C=JP/CN=hogehoge-elb-xxxxxxxxxx.us-east-2.elb.amazonaws.com
Getting Private key
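The interactive prompt makes it easy to press Enter past the Common Name. The following is an added example, not part of the original post: it passes the subject with -subj so nothing is prompted for, and checks that the resulting certificate has a non-empty CN before it is imported. The helper names make_cert, cert_cn and check_cn are hypothetical, and any host name passed in is whatever the caller supplies.

```shell
#!/bin/sh
# Added example: non-interactive CSR/certificate generation plus a CN check.
# make_cert, cert_cn and check_cn are hypothetical helper names.

# make_cert SUBJECT OUTDIR: create a key, a CSR and a 365-day self-signed cert.
make_cert() {
    subj=$1; dir=$2
    openssl genrsa -out "$dir/server.key" 2048 2>/dev/null || return 1
    # -subj supplies the DN on the command line, so no prompt can be
    # skipped by accident.
    openssl req -new -key "$dir/server.key" -subj "$subj" \
        -out "$dir/server.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$dir/server.csr" -days 365 \
        -signkey "$dir/server.key" -out "$dir/server.crt" 2>/dev/null
}

# cert_cn CERT: print the subject Common Name (prints nothing if there is none).
# RFC2253 output is comma-separated, e.g. subject=CN=host,C=JP
cert_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt RFC2253 |
        sed -e 's/^subject= *//' | tr ',' '\n' | sed -n 's/^CN=//p'
}

# check_cn CERT: succeed only if the certificate carries a non-empty CN.
check_cn() {
    cn=$(cert_cn "$1")
    if [ -z "$cn" ]; then
        echo "NG: $1 has no Common Name; regenerate the CSR" >&2
        return 1
    fi
    echo "OK: CN=$cn"
}
```

Running check_cn against server.crt before the import catches the empty-CN case described above.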
botocore.exceptions.CredentialRetrievalError: Error when retrieving credentials from container-role: Error retrieving metadata: Received non 200 response (500) from ECS metadata: <?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n <head>\n <title>500 - Internal Server Error</title>\n </head>\n <body>\n <h1>500 - Internal Server Error</h1>\n </body>\n</html>
TASK [create tags] *******************************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: TypeError: super() takes at least 1 argument (0 given)
(omitted)
$ docker-compose ps
Name Command State Ports
--------------------------------------------------------------------------------------------------------
netbox-docker_netbox-worker_1 python3 /opt/netbox/netbox ... Up
netbox-docker_netbox_1 /opt/netbox/docker-entrypo ... Up
netbox-docker_nginx_1 /docker-entrypoint.sh ngin ... Up 80/tcp, 0.0.0.0:49153->8080/tcp
netbox-docker_postgres_1 docker-entrypoint.sh postgres Up 5432/tcp
netbox-docker_redis-cache_1 docker-entrypoint.sh sh -c ... Up 6379/tcp
netbox-docker_redis_1 docker-entrypoint.sh sh -c ... Up 6379/tcp
Excerpting the relevant line, port 49153 was opened, as shown below.
netbox-docker_nginx_1 /docker-entrypoint.sh ngin ... Up 80/tcp, 0.0.0.0:49153->8080/tcp
However, with the docker-compose.yml from earlier, the port changes every time docker-compose up is run; for example,
netbox-docker_nginx_1 /docker-entrypoint.sh ngin ... Up 80/tcp, 0.0.0.0:49154->8080/tcp
$ docker-compose ps
Name Command State Ports
-------------------------------------------------------------------------------------------------------------------------------
netbox-docker_netbox-worker_1 python3 /opt/netbox/netbox ... Up
netbox-docker_netbox_1 /opt/netbox/docker-entrypo ... Up
netbox-docker_nginx_1 /docker-entrypoint.sh ngin ... Up 80/tcp, 0.0.0.0:8000->8080/tcp,0.0.0.0:49153->8080/tcp
netbox-docker_postgres_1 docker-entrypoint.sh postgres Up 5432/tcp
netbox-docker_redis-cache_1 docker-entrypoint.sh sh -c ... Up 6379/tcp
netbox-docker_redis_1 docker-entrypoint.sh sh -c ... Up 6379/tcp