Configuring HTTPS
Using built-in HTTPS server
For enabling HTTPS in RPGM Server, you have to edit the Configuration file. The settings for configuring HTTPS are:
| Setting | Description |
|---|---|
| https | true if you want HTTPS to be active. |
| httpsPort | HTTPS port of the server. 443 is the default HTTPS port. |
| httpsKey | Path to the key file of the HTTPS certificate. |
| httpsCert | Path to the certificate for HTTPS. |
Here is an example of configuration:
https: true
httpsPort: 443
httpsKey: C:/certificates/privkey.pem
httpsCert: C:/certificates/cert.pem
- Do not forget to change the
rootentry in yourconfig.ymlfile to reflect your new HTTPS URL. - Also do not forget to restart RPGM Server after saving your configuration file.
Note
The port value will still listen in HTTP and will redirect to the HTTPS port.
Certificates format
Certificates should be in the PEM format. If your certificate is in the DER format, you can convert it with the openssl utility:
Using a Reverse Proxy
You can also let RPGM Server only in HTTP and use a reverse proxy to redirect HTTPS connections to HTTP. See the Reverse Proxy section.
Generating certificates
Let's Encrypt
Follow the instructions given on the official website of Let's Encrypt and Certbot for generating certificates.
Here is a sample on how to install and execute Certbot:
Warning
This example is for Debian or Ubuntu with a root session. It also may be outdated and is only here for convenience only. Check out the official website of Certbot with the link above to find the last official documentation.
# apt-get install software-properties-common
# add-apt-repository ppa:certbot/certbot
# apt-get update
# apt-get install certbot
# certbot certonly --manual
Now you have to set up a web server for reponding to the challenge for validating your website ownership.
Tip
In a futur version, Let's Encrypt will be supported out of the box in RPGM Server.
Paths of the generated file can now be used for httpsKey and httpsCert: