Using pihole's SSL for cockpit

[revpixel]

Using Pi‑hole’s Let’s Encrypt Certificate for Cockpit (Automatic Nightly Sync)
I ran into a setup a lot of people seem to have: Pi‑hole v6 and Cockpit running on the same machine. Pi‑hole already handles my Let’s Encrypt certificate automatically, but Cockpit still defaults to its own self‑signed cert — which means you get the usual browser warnings even though a valid cert already exists.

Instead of configuring Cockpit’s SSL separately (or running a second ACME client), I wrote a tiny script that:

• extracts the certificate and private key from Pi‑hole’s tls.pem
• overwrites Cockpit’s self‑signed cert + key
• restarts the Cockpit service
• runs nightly via cron so Cockpit always stays synced with Pi‑hole’s LE cert

I placed the script here: /usr/local/bin/update-cockpit-cert.sh

update-cockpit-cert.sh

This lets Pi‑hole remain the single source of truth for SSL, and Cockpit simply picks up the updated cert automatically every night. No duplicate ACME setups, no manual renewals, no extra configuration — just reuse the cert you already have.

[jelly]

Interesting setup, thanks for sharing 👍