> ## Documentation Index
> Fetch the complete documentation index at: https://docs.taqtile.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Self Signed Certificate

Generate your own certs, and place the .crt and .key file into where you pointed "/etc/ssl/private/" in your docker-compose.yml. Use the WEB container itself to make them.

\
Edit the docker compose to keep the container running by adding/changing the following for the web container:\\

Starting with "restart" change that to "no" for this add the 3 lines following it:\
\
    restart: no\
    command: tail -f /dev/null\
    stdin\_open: true\
    tty: true\
\
Then "docker ls" to list to containers and their IDs\
"docker exec -itu0 \<docker container ID> /bin/sh   \\

Then run "apk update && apk install openssl"\
\
If you get an error you may need to do the following:\
\
sed -i 's/^https\:/http\:/' /etc/apk/repositories\
apk update\
apk add --no-cache ca-certificates openssl\
update-ca-certificates\
apk update && apk install openssl\
\
Once that is installed you should be able to run: \\

> openssl req -newkey rsa:2048 -x509 -nodes -keyout /etc/ssl/private/nginx-cert.key -new -out /etc/ssl/certs/nginx-cert.crt -subj /CN=\$IP\_ACCESS -config /usr/share/nginx/san.conf -reqexts SAN -extensions SAN -sha256 -days 365\\

If you get a file not found, create the san.conf with the following contents:\
\
\[ req ]\
default\_bits        = 2048\
distinguished\_name  = req\_distinguished\_name\
req\_extensions      = SAN\
extensions          = SAN\
\[ req\_distinguished\_name ]\
countryName         = US\
stateOrProvinceName = Washington\
localityName        = Seattle\
organizationName    = Taqtile\
\[SAN]\
subjectAltName      = IP:\$IP\_ACCESS\
extendedKeyUsage    = serverAuth\
basicConstraints    = CA:TRUE,pathlen:0\
\
Then point the command to that file (the -config option)
