config.yml, some settings are for enabling HTTPS:
|httpsPort||HTTPS port of the server. 443 is the default HTTPS port.|
|httpsKey||Path to the key file of the HTTPS certificate.|
|httpsCert||Path to the certificate for HTTPS.|
If you use HTTPS, you will certainly want
httpsInstances to be true, this forces PGM instances to be over HTTPS.
Here is a sample on how to install and execute Certbot:
This example is for Debian or Ubuntu with a root session. It also may be outdated and is only here for convenience only. Check out the official website of Certbot with the link above to find the last official documentation.
# apt-get install software-properties-common # add-apt-repository ppa:certbot/certbot # apt-get update # apt-get install certbot # certbot certonly --manual
Now you have to set up a web server for reponding to the challenge for validating your website ownership.
In a futur version, Let's Encrypt will be supported out of the box in RPGM Server.
Paths of the generated file can now be used for
httpsKey: /etc/letsencrypt/live/example.com/privkey.pem httpsCert: /etc/letsencrypt/live/example.com/cert.pem
Using a Reverse Proxy
See the HTTPS section in the Reverse Proxy section.