Deploy CA signed cert - myantandco/RA-BitnobiPilotJuly2020 GitHub Wiki

If you have a signed SSL certificate from a Certificate Authority that you wish to use with Bitnobi, you need take some extra steps after deploying Bitnobi.

The example below uses certificates obtained from letsencrypt. Instructions for obtaining letsencrypt for an AWS VM are here. If you are using a certificate from a different CA, you should update the paths for the location of your certificate and key.

Use SSH (PuTTY command in Windows) to log into your Bitnobi server for the following steps.

Use the docker ps -a command to see if the Bitnobi processes are running. If so, you will need to halt them with the command:

cd ~/ra-bitnobi
./stop.sh

Go to the directory in which you installed Bitnobi and use a text editor edit the file docker-compose-bitnobi.yml. Go to the ra-bitnobi-frontend section and uncomment the two lines to mount the certificates. Substitute your FQDN for synthesis.replica-analytics.com. If your certificate and key are not from letsencrypt, then use your certificate and key path:

ra-bitnobi-frontend:
    depends_on:
      - ra-bitnobi-backend
    image: ra-bitnobi-frontend 
    container_name: ra-bitnobi-frontend 
    restart: always
    ports:
      - "443:80"
    networks:
      - bitnobi_network
    volumes:
      - ./nginx/logs:/var/log/nginx
      - ./nginx/conf.d:/etc/nginx/conf.d
      - /etc/localtime:/etc/localtime/:ro
      - /etc/letsencrypt/live/synthesis.replica-analytics.com/fullchain.pem:/etc/ssl/certs/cert.pem/:ro
      - /etc/letsencrypt/live/synthesis.replica-analytics.com/privkey.pem:/etc/ssl/private/key.pem/:ro

Use the ./start.sh command to start Bitnobi.

Next use the docker ps -a command to verify that the bitnobi-frontend container was started successfully, then use Chrome to open the Bitnobi URL (e.g. https://synthesis.replica-analytics.com/). The Chrome browser should display the "lock" icon to the left of the address bar.