HTTPS Configuration

HTTPS is supported for the profiles test-local-3nodes, test-network and prod-network.

Certificate

The certificates are held in the configuration profile folder (e.g, ${MEDCO_SETUP_DIR}/configuration-profiles/test-local-3nodes):

• certificate.key: private key

• certificate.crt: certificate of own node

• srv0-certificate.crt, srv1-certificate.crt, …: certificates of all nodes of the network

Enable HTTPS for the Local Local Deployment

To enable HTTPS for the profile test-local-3nodes, replace the files certificate.key and certificate.crt from the configuration profile folder with your own versions. Such a certificate can be obtained for example through Let’s Encrypt.

Then edit the file .env from the compose profile, replace the http with https, and restart the deployment.

Configure HTTPS for the Network Test and Production Deployments

For these profiles, HTTPS is mandatory. The profile generation scripts generate and use default self-signed certificates for each node. Those are perfectly fine to be used, but because they are self-signed, an HTTPS warning will be displayed to users in their browser when accessing one of the Glowing Bear instance.

There is currently only one way of avoiding this warning: configuring the browsers of your users to trust this certificate. This procedure is specific to the browsers and operating systems used at your site.

In MedCo v1.0.0 the possibility of using your own trusted certificates will be added.