You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Renaming certs, especially letsencrypt certs is problematic for several reasons, mostly security. It would be ideal if SSL certs could be managed by Letsencrypt, as they are free and can be setup easily as part of the installation process, or requirements prior to installation. For those using traditional registrars to manage SSL certs it would also be nice to leave certs named as registrars provide them to make setting up SSL more seamless in this application.
I see the filenames for certs are hardcoded into the server.js file, but ideally those could be defined as environment variables in the docker-compose file as a full path pointing to letsencrypt certs in /etc/letsencrypt/live/[domain.tld] with values:
cert.pem
chain.pem
fullchain.pem
privkey.pem
Perhaps just providing the full path for each file is best, as that will allow cert, chain, and key files to be setup no matter what the path and/or filename is.
Thanks!
The text was updated successfully, but these errors were encountered:
Renaming certs, especially letsencrypt certs is problematic for several reasons, mostly security. It would be ideal if SSL certs could be managed by Letsencrypt, as they are free and can be setup easily as part of the installation process, or requirements prior to installation. For those using traditional registrars to manage SSL certs it would also be nice to leave certs named as registrars provide them to make setting up SSL more seamless in this application.
I see the filenames for certs are hardcoded into the server.js file, but ideally those could be defined as environment variables in the docker-compose file as a full path pointing to letsencrypt certs in
/etc/letsencrypt/live/[domain.tld]with values:cert.pemchain.pemfullchain.pemprivkey.pemPerhaps just providing the full path for each file is best, as that will allow cert, chain, and key files to be setup no matter what the path and/or filename is.
Thanks!
The text was updated successfully, but these errors were encountered: