How To Add Https Certificate To Piler
05 Jan 2024 - sj, tags: archiving, insights, news, product
Encrypting the http traffic is a must for several reasons. In this article we’ll see some of the options we have to acquire a https certificate.
Buy a certificate
Piler enterprise deploys nginx to serve the GUI. Using this option you buy a certificate from a provider, eg. Cloudflare, Thawte, SSL.com, then install it and configure nginx by editing /etc/piler/piler-nginx.conf to use the certificate and key provided by the certificate issuer.
Use traefik proxy
Traefik allows you to obtain and automatically renew an A-grade TLS certificate from Let’s Encrypt. (It can also use a purchased certificate as well). I personally prefer this approach, and in fact the piler installer script deploys traefik during the installation, just it’s not enabled by default. This article describes the process how to enable it.
Another option could be using Certbot from EFF. You may follow this tutorial to setup certbot: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04
Use a self-signed certificate
As a last resort, mostly for testing purposes you may create a self-signed certificate. There are several documents on the Internet describing the exact steps, eg. https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-20-04-1