I installed Rocket.Chat on Ubuntu 19.04 using snaps according to the official documents.
I need to enable HTTPS in order to use web hooks and API integration for other systems.
Since this server is on an intranet, I would like to use self-signed SSL.
The snap installation comes with Caddy, and Caddy has support for a built-in self-signed SSL mode only for 5 days.
I created a self-signed PEM file, but I cannot use it in the Caddy config file. It simply won't run.
The browser gets no response from the server; with Caddy's own cert or HTTP it works fine.
How can I configure my own self-signed SSL for Caddy in order for Rocket.Chat to use it?
The following Caddyfile works with 5 days of self-signed SSL:
https://rocket.local
tls self_signed
proxy / localhost:3000 {
    websocket
    transparent
}
Change to the following and it does not respond:
https://rocket.local
tls ../cert.pem ../key.pem
proxy / localhost:3000 {
    websocket
    transparent
}
This may be to do with using a relative path. Try using a full path and see if that works:
https://rocket.local
tls /path/to/cert.pem /path/to/key.pem
proxy / localhost:3000 {
    websocket
    transparent
}
Additionally, if it is an option, you could use a public domain name and Caddy will automatically request a TLS cert from Let's Encrypt.
On the other point, Caddy renews self_signed certs on a short basis by design.
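
A pre-flight check for the certificate and key before they go on the `tls` line, as an added example that is not part of the original posts: it generates a self-signed pair for rocket.local with openssl and confirms that the paths are absolute, both files are readable and parse, the key matches the certificate, the hostname is covered and the certificate has not expired. The function names, the 365-day lifetime and the temp directory are assumptions.

```sh
# Added example (not from the original posts). Function names, the 365-day
# lifetime and the temp directory are assumptions for illustration.

make_cert() {  # make_cert <dir> <hostname> <days>
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days "$3" \
    -subj "/CN=$2" -addext "subjectAltName=DNS:$2" \
    -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null &&
  chmod 600 "$1/key.pem"   # private key readable by its owner only
}

pub_hash() {  # SHA-256 of the PEM public key read from stdin
  openssl pkey -pubin -outform DER | openssl dgst -sha256 -r | cut -d' ' -f1
}

check_pair() {  # check_pair <cert> <key> <hostname>; 0 means usable
  cert=$1; key=$2; host=$3
  # Absolute paths do not depend on the directory Caddy was started from.
  case $cert in /*) ;; *) echo "cert path is not absolute"; return 1 ;; esac
  case $key  in /*) ;; *) echo "key path is not absolute";  return 1 ;; esac
  # Run this as the user Caddy runs as, so the read test is meaningful.
  [ -r "$cert" ] && [ -r "$key" ] || { echo "file not readable"; return 2; }
  openssl x509 -in "$cert" -noout 2>/dev/null || { echo "cert does not parse"; return 3; }
  openssl pkey -in "$key" -noout 2>/dev/null || { echo "key does not parse"; return 3; }
  # The certificate's public key must be the one derived from the key.
  c=$(openssl x509 -in "$cert" -noout -pubkey | pub_hash)
  k=$(openssl pkey -in "$key" -pubout | pub_hash)
  [ "$c" = "$k" ] || { echo "key does not match cert"; return 4; }
  openssl x509 -in "$cert" -noout -checkhost "$host" | grep -q "does match" ||
    { echo "cert does not cover $host"; return 5; }
  openssl x509 -in "$cert" -noout -checkend 0 >/dev/null ||
    { echo "cert has expired"; return 6; }
  echo "ok: tls $cert $key"
}

# Demo in a constructed temp directory, not a real deployment path.
demo_dir=$(mktemp -d)
make_cert "$demo_dir" rocket.local 365 &&
  check_pair "$demo_dir/cert.pem" "$demo_dir/key.pem" rocket.local
rm -rf "$demo_dir"
```

Browsers and API clients on the intranet still have to trust the self-signed certificate explicitly, for example by importing it into their trust store.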