Installing Wildcard SSL Certificates on Kobo-Docker

#1

KoboToolbox Community.

First of all, thanks to everyone here for supporting the development and management of such a wonderful resource! I’m writing today to seek advice on SSL certificate installation on a virtual machine running KoboToolbox installed via the kobo-install setup.

We have been able to successfully set up kobotoolbox on a Microsoft Azure VM. We have set up the server version with frontend and backend on the same machine. All other parameters for postgres and mongo setup were left to default. Internal and external DNS routing is working in our environment. However, to date we haven’t been able to get the website to serve over HTTPS.

According to the documentation, the only step required to serve the website over HTTPS is to drop the crt and key files from a wildcard certificate into the kobo-docker/secrets folder. Is it really that simple? Or are there other settings that we need to configure in order to get our SSL certificates to activate port 443, etc?

If it is as simple as just dropping in the crt and crt files, then we will know that our certs for our three subdomains are not working properly. Hopefully someone out there has some advice or little tidbits that can push us across the finish line, we are so close! Thanks in advance!

#2

Just a note of warning: kobowiki.org is not official documentation and doesn’t seem to be up-to-date.

I can’t speak specifically to wildcards, but https://github.com/kobotoolbox/kobo-install has recently been updated to support automatic certificate generation with Let’s Encrypt. As long as your DNS resolves publicly, it should configure SSL easily. Here’s my experience setting it up on a $10/month VPS: