Auto configure HTTPS with Let's Encrypt on Debian and Ubuntu
Important requirement: This tutorial assumes your machine has a valid domain name assigned in order to work with let’s encrypt. If you want to use user provided certificates or self-signed certificates skip to the next section
Note: the configuration does not support serving passbolt on a subdirectory fashion. For example, scenarios like https://mydomain.com/passbolt are not supported by default
Install or reconfigure passbolt
If you don’t have passbolt installed please check on the hosting section for more information on how to install passbolt on debian.
If you have already installed passbolt or you are using our already packaged virtual machine or Digital Ocean image then you want to execute the following command to start the configuration process for SSL:
sudo dpkg-reconfigure passbolt-pro-server
If you are reconfiguring passbolt you most likely want to say ‘NO’ to the mariadb setup question and go for the nginx setup
Passbolt debian and ubuntu packages currently supports the configuration of nginx. It comes with a default configuration that supports:
- Serve passbolt on port 80 (http)
- Serve passbolt on port 443 (https)
The following steps will guide you through the option that uses Let’s encrypt method to enable SSL.
fig. Configure nginx dialog
After choosing yes you will be prompted with the following dialog where you can choose which method you prefer to configure SSL on nginx:
fig. nginx SSL dialog
You will now need to introduce the name of the domain name assinged to your server:
fig. nginx domain name
Finally you will need to provide an email address for Let’s encrypt to notify you for renewals and other admin info:
fig. lets encrypt admin email
If everything goes fine you should see a final message that points you to finish passbolt configuration:
fig. Success message
Last updated
This article was last updated on September 20th, 2020.
Are you experiencing issues when installing passbolt?
Ask the community!