Ozone SSL Setup

Hello Everyone, I’m looking for information on a couple of things that I haven’t been able to find.

  1. Configuring the server to use a custom domain. (Are there any other steps necessary besides A records that point to the server?)
  2. (Once the domain is set up,) how do you configure your server to use an SSL certificate for a secure connection?

Thanks in advance, Jack

/cc: @ruhanga @achachiez

We have an env variable called PROXY_TLS_CERTS_PATH. You will need to obtain your TLS certs, place them in a secure folder and set PROXY_TLS_CERTS_PATH to the location of the folder. Note that we expect the certs to be named:

cert.pem - Certificate

chain.pem - Certificate Fullchain

privkey.pem - Certificate private key

Take a look at https://letsencrypt.org/ to generate free certificates or see what options your domain host provides. For the custom domain, your domain host should provide a guide on pointing an A record to the server where Ozone is running.

2 Likes
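
A pre-flight check for the folder described in the reply above, added here as an example (it is not part of the thread or of Ozone's code). It verifies that the three expected file names are present, that the private key is not exposed to other users, and that privkey.pem actually matches cert.pem. The permission rules and the choice to pair the key with cert.pem are assumptions about what a "secure folder" and a usable key pair mean; the thread does not state how the proxy reads the files.

```python
import os
import ssl
import stat
import sys

# File names the reply says are expected inside PROXY_TLS_CERTS_PATH.
EXPECTED = ("cert.pem", "chain.pem", "privkey.pem")


def layout_problems(certs_dir):
    """Return a list of problems with file presence and permissions."""
    if not os.path.isdir(certs_dir):
        return [f"{certs_dir}: not a directory"]
    problems = []
    # Assumption: "secure folder" means only the owner can replace files in it.
    if stat.S_IMODE(os.stat(certs_dir).st_mode) & 0o022:
        problems.append(f"{certs_dir}: writable by group or others")
    for name in EXPECTED:
        path = os.path.join(certs_dir, name)
        if not os.path.isfile(path):
            problems.append(f"{name}: missing")
        elif os.path.getsize(path) == 0:
            problems.append(f"{name}: empty")
    key = os.path.join(certs_dir, "privkey.pem")
    # Assumption: the private key should be accessible to its owner only.
    if os.path.isfile(key) and stat.S_IMODE(os.stat(key).st_mode) & 0o077:
        problems.append("privkey.pem: accessible by group or others")
    return problems


def keypair_problem(certs_dir):
    """Return None if privkey.pem parses and matches cert.pem, else the error."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.load_cert_chain(os.path.join(certs_dir, "cert.pem"),
                            os.path.join(certs_dir, "privkey.pem"))
    except (ssl.SSLError, OSError) as exc:
        return f"cert.pem/privkey.pem do not load as a pair: {exc}"
    return None


if __name__ == "__main__":
    # Folder comes from the first argument or from PROXY_TLS_CERTS_PATH.
    certs_dir = sys.argv[1] if len(sys.argv) > 1 else os.environ.get("PROXY_TLS_CERTS_PATH", "")
    found = layout_problems(certs_dir)
    if not found and (err := keypair_problem(certs_dir)):
        found.append(err)
    for line in found:
        print("PROBLEM:", line)
    sys.exit(1 if found else 0)
```

Run it with the folder as its argument, or with PROXY_TLS_CERTS_PATH exported, before starting the proxy; a non-zero exit status means at least one problem was printed.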

@achachiez this should be documented in the READMEs, not here.

@kdaud could you make an attempt at expanding the documentation by adding a Setting up SSL title in the manual instructions page?

1 Like

Done via this PR.

2 Likes

I’m glad this was accomplished!

Thanks for the help.

Does anything else in the env file need to be changed, such as the HOST_URL to the domain name that’s pointing to the server?

Yeah, you need to change that.

1 Like

@kdaud you should wait until you have figured out enough information to put on the PR before opening it, or convert it to a draft PR for the time being.

Alrighty,

So, after completing the steps you mentioned (changing env variables), the start-demo process seems to be stuck on the fifth step of the docker build process: RUN apk add curl iproute2 iputils less nano tree ca-certificates lsof --no-cache. It’s been running for 16 minutes, and hasn’t gotten anywhere.


I will attach the complete install log here.


Thanks for the help,

Jack

@jack.carney2 could be the issue is due to the connectivity. Check it out and try again.

@jack.carney2 the command that times out is a standard Debian command for installing packages. You need to figure out why it times out on your end when you run it in isolation of doing anything with Ozone.

Today I tested the installation again on the fresh server, and I’m still stuck at the same build step.

Maybe because I’m running it on Ubuntu? Would that make a difference? I know apk isn’t a command on Ubuntu.

I ran sudo apt update && sudo apt install curl iproute2 iputils-ping less nano tree ca-certificates lsof outside of Ozone, and then deleted the RUN apk add curl iproute2 iputils less nano tree ca-certificates lsof --no-cache command from the dockerfiles. The installation proceeded without any errors after that.


(As a side note, the SSL cert installed successfully. Thank you. 🙂)

@mksd @kdaud


Any ideas on this? I’ve tried installing multiple times without success, with it being stuck on this build command.

@achachiez have a look at this message from @jack.carney2 above.

Any idea why this happens? Looks like it’s timing out within the container and not when run directly on the host?

@achachiez any idea? This is still occurring.

If you’re in need of testing resources, I’d be happy to spin up a Google Cloud instance for you.

@jack.carney2 could you share the build plan of what happens in the terminal?

@jack.carney2 ideally, this should just work as the steps in the Dockerfile should not be impacted by the host issue. My guess is something is blocking egress requests out of the host. That is the first place to check. If this worked for you on Gitpod, it should work anywhere else with a well-configured Docker setup.

1 Like