HTTPS support for Netpicker

Add an SSL Certificate

First, ensure you have the file nginx-ssl.conf in your project folder. If it’s missing, download it from the Netpicker GitHub repository.

To add a self-signed SSL certificate to Netpicker and enable HTTPS, place the following files in the certs folder:

  • private.key
  • certificate.crt

Note: Use these exact filenames!

Next, ensure your docker-compose.yml configuration includes the following volume mappings (this is commented out by default):

frontend:
  ports:
    - 443:443
  volumes:
    - ./nginx-ssl.conf:/etc/nginx/conf.d/nginx-ssl.conf
    - ./certs:/etc/nginx/certs/

Create a Self-signed SSL Certificate

If you don’t yet have a certificate, follow these steps to generate one:

  1. Generate a private key:
openssl genrsa -out private.key 2048
  1. Generate a Certificate Signing Request (CSR):
openssl req -new -key private.key -out certificate.csr
  1. Generate a self-signed certificate:
openssl x509 -req -in certificate.csr -signkey private.key -out certificate.crt

Set correct user

The certificate files created by the user will have incompatible permissions when mounted into the Docker container, as the container runs under a different internal user (UID 911).

Always perform the following step to avoid permissions issues. Execute this command to update the owner of the certificate files and nginx config:

sudo chown -R 911:911 ./certs
sudo chown -R 911:911 nginx-ssl.conf

This ensures the internal container user can read and utilize the certificates without permissions errors.