Skip to content

SSL with internal web server #492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
justADeni wants to merge 1 commit into
base: master
Choose a base branch
from
Open

SSL with internal web server #492

justADeni wants to merge 1 commit into from

Conversation

@justADeni
Copy link

@justADeni justADeni commented Nov 6, 2025
edited
Loading

Why?

I know there are other methods such as reverse proxy or simply running a different web server but I think this is a simple and intuitive alternative which could make life easier for non-insignificant amount of server owners.

Drawbacks

Letsencrypt issues certificates for 90 days, and even the longest-lasting certificates are 398 days at most, this number shrinking to 47 days by 2029. Thus, the process of generating a keystore file and placing it into the plugin data directory could need to be automated, perhaps by a bash script, or we could eventually look into auto-renewal strategies using ACME and Letsencrypt.

The following would need to be added to docs/wiki:

In the folder containing your .pem certificates from Letsencrypt or any other provider, run this command:
openssl pkcs12 -export -in fullchain.pem -inkey privkey.pem -out keystore.p12 -name undertow -password pass:
to generate keystore.p12 file, which you can then place in /plugins/squaremap/ folder and restart the server. Voilà

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@justADeni