Use Let’s Encrypt certificates with CockpitJune 7, 2022
Cockpit is free and open-source software that provides a web-based graphical interface for Linux servers. When using Cockpit the the following URL is needed to access it at https://your-domain-name:9090, and for the reason since your accessing a secure HTTPS that is not secure and the following screen appears.
If your have Let’s Encrypt SSL install on your Ubuntu and Debian instance, then in this tutorial can help you secure your Cockpit connection.
In this tutorial we are not going to explain how to install Cockpit, for that you willl need to go to the following Cockpit install.
Cockpit loads certificates from the
/etc/cockpit/ws-certs.d directory. It will use the last file in the directory with a
.crt extension in alphabetical order. The private key can be contained in a separate file with the same name as the certificate, but with a
.key suffix instead. The key must not be encrypted.
This can be achieved by copying the Let’s Encrypt key and certificate to the correct location for Cockpit.
cp /etc/letsencrypt/live/yourdomain/fullchain.pem /etc/cockpit/ws-certs.d/yourdomain.crt
cp /etc/letsencrypt/live/yourdomain/privkey.pem /etc/cockpit/ws-certs.d/yourdomain.key
After copying the file then we have to give it the correct permission.
chown cockpit-ws:cockpit-ws /etc/cockpit/ws-certs.d/yourdomain.crt
chown cockpit-ws:cockpit-ws /etc/cockpit/ws-certs.d/yourdomain.key
Restarting the Cockpit server (
systemctl restart cockpit) should get the updated certificate in place. From this point you should see the login screen for Cockpit on https://your-domain-name:9090
That should do it!