how install ssl o3 openmrs

bhuvi_123 · January 27, 2026, 5:43am

this is my installation setup

santosh · January 27, 2026, 6:52am

Use Nginx as a reverse proxy. First, map the server IP to the domain. Then configure SSL in the Nginx sites-available config. If you can share more details about your setup, I can help you further.

bhuvi_123 · January 27, 2026, 10:49am

I have install the O3 openmrs setup with help of this link Setting up an instance of O3 – O3 Docs which docker base installtion and my containers details given below. i am using ubuntu 24.04 LTS. domain also mapped with the ip address.

jayasanka · January 27, 2026, 11:51am

Hey @bhuvi_123, @santosh’s response is a solid approach. As another option you could also take a look at this override file:

github.com/openmrs/openmrs-distro-referenceapplication

docker-compose.ssl.yml

f3e4600e2

services:
  certbot:
    image: openmrs/openmrs-reference-application-3-certbot:${TAG:-qa}
    environment:
      SSL_MODE: ${SSL_MODE:-dev}  # "dev" for self-signed certificates, "prod" for Let's Encrypt
      SSL_STAGING: ${SSL_STAGING:-false}  # Set to "true" to use Let's Encrypt staging environment (for testing)
      CERT_WEB_DOMAINS: ${CERT_WEB_DOMAINS:-localhost,127.0.0.1}  # Comma-separated list of domains, first is primary
      CERT_WEB_DOMAIN_COMMON_NAME: ${CERT_WEB_DOMAIN_COMMON_NAME:-}  # Override primary domain (optional)
      CERT_CONTACT_EMAIL: ${CERT_CONTACT_EMAIL:-}  # Email for Let's Encrypt notifications (required for prod mode)
      CERT_RSA_KEY_SIZE: ${CERT_RSA_KEY_SIZE:-4096}  # RSA key size for certificates
      CERT_PROFILE: ${CERT_PROFILE:-}  # Certificate profile: classic, tlsserver, or shortlived (required for IP addresses)
      CERTBOT_DATA_PATH: /var/www/certbot
      CERT_ROOT_PATH: /etc/letsencrypt
    volumes:
      - letsencrypt-data:/etc/letsencrypt
      - certbot-data:/var/www/certbot

  gateway:
    environment:
      CERT_WEB_DOMAIN_COMMON_NAME: ${CERT_WEB_DOMAIN_COMMON_NAME:-localhost}

This file has been truncated. show original

Feel free to use whichever works best for your setup!

bhuvi_123 · February 3, 2026, 4:09am

Hi jayasanka, its not working for me

ibacher · February 4, 2026, 5:57pm

We haven’t actually published the certbot image yet. It’s dev-only, so you’d have to build things locally.