Here’s a quick note to set up a LetsEncrypt certificate for your Maltrail installation.
Note: This is probably not the appropriate way to do this. However, for a workshop that I was doing in Indonesia, the participants had to setup Maltrail on VPS instances in the cloud. So since that was a security workshop, it won’t be right to access maltrail server over port 80 (http) or use self-signed certificate :-) It was a good opportunity to promote LetsEncrypt!
- The operating system was Ubuntu 16.04 LTS. I had maltrail installed based on the instructions on the project’s website.
- The default *.pem file is server.pem and can be found in the misc/ directory. The file contains the private key & certificate information.
- Install LetsEncrypt
sudo apt-get install letsencrypt
- Create the certificate for your domain.
sudo letsencrypt certonly
- Replace misc/server.pem
sudo cat /etc/letsencrypt/live/yourdomain/privkey.pem > server.pem
sudo cat /etc/letsencrypt/live/yourdomain/cert.pem » server.pem
- Set USE_SSL to true in maltrail.conf
- restart the server
Check the site & server https://yourdomain:8338