How To Add Https Certificate To Piler

05 Jan 2024 - sj, tags: archiving, insights, news, product

Encrypting the http traffic is a must for several reasons. In this article we’ll see some of the options we have to acquire a https certificate.

Buy a certificate

Piler enterprise deploys nginx to serve the GUI. Using this option you buy a certificate from a provider, eg. Cloudflare, Thawte, SSL.com, then install it and configure nginx by editing /etc/piler/piler-nginx.conf to use the certificate and key provided by the certificate issuer.

Use traefik proxy

Traefik allows you to obtain and automatically renew an A-grade TLS certificate from Let’s Encrypt. (It can also use a purchased certificate as well). I personally prefer this approach, and in fact the piler installer script deploys traefik during the installation, just it’s not enabled by default. This article describes the process how to enable it.

Use certbot

Another option could be using Certbot from EFF. You may follow this tutorial to setup certbot: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04

Use a self-signed certificate

As a last resort, mostly for testing purposes you may create a self-signed certificate. There are several documents on the Internet describing the exact steps, eg. https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-20-04-1