Changing self-signed SSL certificate

I’m deploying my first server and I’m trying to see how I can install a valid SSL certificate instead of using the self-signed one that got installed. I can’t find anywhere in the web interface where I can upload one or create one using Let’s Encrypt. I’m looking in the documentation but I can’t find anything about that.

I’m currently able to connect but only using http. If I try using https my Mac seems to refuse the connection. Probably because the self-signed SSL certificate is not recognized.

There are two ways to load certificate.
One of them

  • open port 80 to public access.
  • set domain
  • click let’s encrytp button
  • restart software with
    ferrumgate --stop
    ferrumgate --start
  • every 3 months click let’s encrytp button. Automatic refresh does not exists yet

The other way is
manually paste private and public keys

Le’ts encrypt certificates cannot validated by the client software.
We did not fixed that issue yet. please click not verify. restart client again

Is there a way to force a redirect to https as well?
I was able to install the Let’s Encrypt certificate but I would like to force https redirection if someone try to connect via http.

No we did not implemented that feature.

Perhaps it will be a problem for let’s encrypt certificates. We added to roadmap. We will think for easy use.
After getting let’s encrypt. I suggest closing port 80 for public access.

If I close port 80, Let’s Encrypt won’t be able to renew the certificate. Unless I can find a list of IP that is required to renew Let’s Encrypt certificates, in this case I could restrict it to those IP only.

We will put this feature on next version.