Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Management Access: Using my own SSL Certificate for HTTPS

Featured Replies

Hi All,

 

I have been using the Linuxserver.io swag container for many years now. I use this to generate a wildcard certificate for my custom domain via LetsEncrypt (LE) and it works great.

 

Since Apple have recently amended the Safari autofill feature on IOS to only do so if you are accessing a website via HTTPS it is forcing me to enable this on my LAN services.  Basically I use unbound within pfsense to hostoveride access to my app.domain.etc (within my LAN) and take me to the internal IP of my LAN services. 

 

Anyway, I digress. I have been able to get this working and install my wildcard certifate for every LAN service except unRAID. That's because what unraid is asking for is slightly different to everyone else. unRAID is asking for a bundle file.

 

Swag only produces these files (I believe it used to create a bundle file but it doesn't seem to anymore):

 

cert.pem

chain.pem

fullchain.pem

privkey.pem

README

 

None of these appear to be the bundle file that unRAID is looking for. When I open the file that unRAID has there there are more cert's in there than any single file generated above. My Google Fu seems to suggest that a bundle file is some combination of these files but there is so much LE information out there Im finding it hard to figure it out. It also doesn't help that there so many different names for the same thing, things changing over time and even file names don't seem to be named what they are commonly referred to.

 

So I turn to you good community, can you help me figure out how I generate the bundle file that unRAID is after from the files that LE certbot generates when producing / renewing keys?

 

Thank you!

 

D

  • Author

Bump.

 

Any forum or web links to some possibly relevant information would be helpful. 

Edited by danioj

Combine them in a single file in this order:

 

private

cert

fullchain

 

Config unraid with that single file.

  • 3 months later...

Any follow up on this ? I plan to do something similar for the same reason as OP, since Apple requires https for autofill. I would like to use my own domain too. Has previous method worked for combining files ?

  • 1 month later...

I have the same setup as OP, and faced the same issue. I did discover that SWAG does provide a bundle file, and was able to import my custom Let’s Encrypt wildcard cert no problem. 
 

I use Ansible to manage all of my servers so I wrote a small playbook that will install the cert: 

 

https://github.com/digilink/unraid-ansible/blob/main/add_unraid_cert.yaml

 

My particular setup allows me to retrieve certs via an htaccess protected directory on the SWAG instance itself. 

 

Hope this helps someone. 

  • 1 year later...
On 11/10/2023 at 4:43 PM, danioj said:

Hi All,

 

I have been using the Linuxserver.io swag container for many years now. I use this to generate a wildcard certificate for my custom domain via LetsEncrypt (LE) and it works great.

 

Since Apple have recently amended the Safari autofill feature on IOS to only do so if you are accessing a website via HTTPS it is forcing me to enable this on my LAN services.  Basically I use unbound within pfsense to hostoveride access to my app.domain.etc (within my LAN) and take me to the internal IP of my LAN services. 

 

Anyway, I digress. I have been able to get this working and install my wildcard certifate for every LAN service except unRAID. That's because what unraid is asking for is slightly different to everyone else. unRAID is asking for a bundle file.

 

Swag only produces these files (I believe it used to create a bundle file but it doesn't seem to anymore):

 

cert.pem

chain.pem

fullchain.pem

privkey.pem

README

 

None of these appear to be the bundle file that unRAID is looking for. When I open the file that unRAID has there there are more cert's in there than any single file generated above. My Google Fu seems to suggest that a bundle file is some combination of these files but there is so much LE information out there Im finding it hard to figure it out. It also doesn't help that there so many different names for the same thing, things changing over time and even file names don't seem to be named what they are commonly referred to.

 

So I turn to you good community, can you help me figure out how I generate the bundle file that unRAID is after from the files that LE certbot generates when producing / renewing keys?

 

Thank you!

 

D

hello, could you please let me know how you enabled https in local lan? I watched a video to setup proxy with swag and it’s working fine with that subdomains but I want to enable https for my local lan IPs… plz let me know.

TIA

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.