Installing an SSL certificate

[Nakatomi2010]

What's the best approach to installing an SSL certificate on this?

Not totally familiar with how to manipulate a docker image.

[github-actions[bot]]

Thanks for opening your first issue here! Be sure to follow the bug or feature issue templates!

[aptalca]

We recommend reverse proxying via SWAG: https://github.com/linuxserver/docker-swag

[Nakatomi2010]

I'm a bit rookie on docker related things.

There a guide on how to make the two containers play nice and work?

I'm aware that only one image can use a port at a time, so the details are a bit fuzzy to me.

[aptalca]

https://docs.linuxserver.io/general/swag

[Nakatomi2010]

Well that was unhelpful.

[aptalca]

You asked for a guide, I linked you a very comprehensive guide. I don't know what else you expected.

The guide I linked answers your question about the ports and how to make those two containers play nice and work.

Plus, you completely ignored the issue template we have, which tells you that this is a platform for reporting bugs and feature requests. Any support related questions should be directed to our forum or discord channel.

[Nakatomi2010]

Understood.

I will use a different method.

I apologize for bothering you

[aptalca]

No need to apologize and no need to be passive aggressive. Feel free to use a different method, or you can read the stuff we put a lot of time and effort into. Up to you. Good luck.

[chepe263]

Probably not a recommended method., for future reference:

tl;dr

Place your own certificates inside the container /config/keys

---

You need your own certificate, must be named cert.crt; and private key, must be named cert.key

After you create your container, locate your config folder, for instance /docker-settings/linuxserver-grocy. Inside the container, this might be /config

Inside your config folder, there might be a folder called keys

$ ls /docker-settings/linuxserver-grocy/keys
cert.crt  cert.key

1. Stop the container
2. Put your own cert.crt and cert.key inside /docker-settings/linuxserver-grocy/keys.
3. Make sure you added a port bind for 443 (inside container) to a port on the host (for instance 9443).
4. Restart container

When you visit grocy in your browser, make sure you are using https.

[FelixM01]

thank you @chepe263 for this easy guide.

Unfortunately it doesn't work for me right now. Does this work with a self signed Certificate? Because when using google chrome, I get the message invalid certificate. When Using the current iOS app (2.10.3), i get: "Error: an SSL-Error occured. A secure connection to the server couldn't be established"

I am quite stressed, because the iOS app needs an https connection to work outside of my home network

Best regards Felix

[j0nnymoe]

Put it behind a reverse proxy like previously suggested.

[chepe263]

It does work with self signed certificates.

does it work if you visit the website using safari?

did you change your iso grocy client with the appropiate host and https port (https://my-docker-host.lan:9443)?

iOS is a little picky when using hostnames in my local network and I must add ".lan" at the end. Yours might be different.

did you add your self signed certificate to ios trusted? (general -> vpn & device management)?

what if you restart your container and your client device?

or do the reverse proxy thingy.