Here’s a quick note to set up a LetsEncrypt certificate for your Maltrail installation.

Note: This is probably not the appropriate way to do this. However, for a workshop that I was doing in Indonesia, the participants had to setup Maltrail on VPS instances in the cloud. So since that was a security workshop, it won’t be right to access maltrail server over port 80 (http) or use self-signed certificate :-) It was a good opportunity to promote LetsEncrypt!

  1. The operating system was Ubuntu 16.04 LTS. I had maltrail installed based on the instructions on the project’s website.
  2. The default *.pem file is server.pem and can be found in the misc/ directory. The file contains the private key & certificate information.
  3. Install LetsEncrypt

sudo apt-get install letsencrypt

  1. Create the certificate for your domain.

sudo letsencrypt certonly

  1. Replace misc/server.pem

sudo cat /etc/letsencrypt/live/yourdomain/privkey.pem > server.pem

sudo cat /etc/letsencrypt/live/yourdomain/cert.pem >> server.pem

  1. Set USE_SSL to true in maltrail.conf

USE_SSL true

  1. restart the server


Check the site & server https://yourdomain:8338