If you are working with mobile apps, it is required that your server supports SSL.
Rocket.Chat is a "middle-tier application server", by itself it does not handle SSL. However, Rocket.Chat works well with several industrial grade, battle-tested, reverse proxy servers that you can configure to handle SSL.
You should find yourself in one of the two situations:
The Rocket.Chat server is publicly accessible on the internet.
The Rocket.Chat server is not accessible on the internet.
This doc has been broken down into two separate sections, walking you through either of the camps you might find yourself in.
The Rocket.Chat server is publicly accessible on the internet
If your server is publicly accessible, it is recommended that you use a service like Let's Encrypt to obtain your SSL certificates. A detailed guide for configuring your choice of SSL Reverse proxy servers is provided here: Configuring SSL Reverse Proxy
Here we used our root key to create the root certificate that needs to be distributed in all the computers that have to trust us.
NOTE: It is not recommended that you distribute this root certificate in production. A breach of the above-generated key will open every device that trusts your root certificate to potential security threats.
Step 2: Create an SSL certificate
Create the certificate key
openssl genrsa -out mydomain.com.key 2048
Here, mydomain.com should be replaced with your IP address (Bonjour local domains work as well!)
Create the certificate signing request
Important: Please mind that while creating the certificate signing request is important to specify the Common Name providing the IP address or URL for the service, otherwise the certificate cannot be verified.