From e7549cf884cb6f3f1e3a58d22336d4fa997450c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?H=C3=A9l=C3=A8ne=20Martin?= Date: Wed, 26 Aug 2020 15:25:57 -0700 Subject: [PATCH] Add details for custom SSL cert files --- odk1-src/central-install-digital-ocean.rst | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/odk1-src/central-install-digital-ocean.rst b/odk1-src/central-install-digital-ocean.rst index c0adefb65..09f4cc5a1 100644 --- a/odk1-src/central-install-digital-ocean.rst +++ b/odk1-src/central-install-digital-ocean.rst @@ -233,10 +233,11 @@ Using a Custom SSL Certificate By default, ODK Central uses Let's Encrypt to obtain an SSL security certificate. For most users, this should work perfectly, but larger managed internal networks may have their own certificate trust infrastructure. To use your own custom SSL certificate rather than the automatic Let's Encrypt system: -1. Generate appropriate ``fullchain.pem`` (``-out``) and ``privkey.pem`` (``-keyout``) files. -2. Copy those files into ``files/local/customssl/`` within the repository root. -3. In ``.env``, set ``SSL_TYPE`` to ``customssl`` and set ``DOMAIN`` to the domain name you registered. As an example: ``DOMAIN=MyOdkCollectionServer.com``. Do not include anything like ``http://``. -4. Build and run: ``docker-compose build nginx``, ``docker-compose stop nginx``, ``docker-compose up -d nginx``. If that doesn't work, you may need to first remove your old nginx container (``docker-compose rm nginx``). +1. Generate a ``fullchain.pem`` (``-out``) file which contains your certificate followed by any necessary intermediate certificate(s). +2. Generate a ``privkey.pem`` (``-keyout``) file which contains the private key used to sign your certificate. +3. Copy those files into ``files/local/customssl/`` within the repository root. +4. In ``.env``, set ``SSL_TYPE`` to ``customssl`` and set ``DOMAIN`` to the domain name you registered. As an example: ``DOMAIN=MyOdkCollectionServer.com``. Do not include anything like ``http://``. +5. Build and run: ``docker-compose build nginx``, ``docker-compose stop nginx``, ``docker-compose up -d nginx``. If that doesn't work, you may need to first remove your old nginx container (``docker-compose rm nginx``). .. _central-install-digital-ocean-custom-mail: