--- title: "Core Linux - SSL Certificate Installation" slug: "test-modeller-core-linux-ssl-certificate-installation-1" description: "Test Modeller Core Linux - SSL Certificate Installation" tags: ["Test Modeller", "Installation"] updated: 2024-10-07T08:59:30Z published: 2024-10-25T09:44:03Z --- > ## Documentation Index > Fetch the complete documentation index at: https://knowledge.curiositysoftware.ie/llms.txt > Use this file to discover all available pages before exploring further. # Core Linux - SSL Certificate Installation This article covers adding an SSL certificate to modeller to host it over HTTPS. ## 1 - Obtain SSL Certificate For testing you can create a self-singed SSL Certificate. | **sudo** **openssl** **req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /nginx/server.key -out /nginx/server.crt** | | --- | It is recommended for production you obtain a signed SSL certificate from a registered issuing authority. You should have a .crt and a .key file. Place these on the host machine's local storage. If you have paced them in a directory different than "/nginx", edit the volumes key in the **docker-compose.yml** file accordingly – replace these sections with your location. --- ## 2 - Setup the custom SSL configuration The package folder comes with a file called **docker-compose-ssl.ym****l** - we will want to copy that file into a new file called **docker-compose-custom.ym****l** and then potentially edit this newly created file. If you already have a **docker-compose-custom.yml** file with some custom configuration elements, we will simply be editing that file instead. ```shell cp docker-compose-ssl.yml docker-compose-custom.yml ``` By default, the **docker-compose-ssl.ym****l** file expects the certificate files obtained in step 1 to be available on the host machine at the following location: **/nginx/server.crt** **/nginx/server.key** If you are able to place the files there, you can simply proceed to the next step. If you are unable to place the certificate files in the **/nginx** folder for some reason (e.g. permissions), you can edit the **docker-compose-custom****.yml** file to change the location or names of the certificate files under the **volumes** section of **nginx** ```yaml nginx: image: nginx volumes: - ./nginx/nginx-https.conf:/etc/nginx/nginx.conf - [certificate-file-on-host]:/etc/nginx/server.crt - [key-file-on-host]:/etc/nginx/server.key ``` --- 3 - Start (or restart) the Quality Modeller Services Start the Quality Modeller services. ```shell ./run.sh ``` --- ## 4 - Enable TLS v1.2 (Optional) If you wish to enable TLS v1.2, you also need to edit the **package/nginx/nginx-https.conf** file to have the following values under the server block. Then restart the Quality Modeller services as described in step 4 above. | **ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;** **ssl_protocols TLSv1.2;** | | --- | ## Related - [Quality Modeller](/get-started-with-test-modeller.md)