Supporting SSL for development on Rocket.Chat
If you are working with mobile apps, it is required that your server supports SSL.
Rocket.Chat is a "middle-tier application server." It does not handle SSL itself; however, Rocket.Chat works well with several industrial grade, battle-tested, reverse proxy servers that you can configure to handle SSL.
You should find yourself in one of the two situations:
- The Rocket.Chat server is publicly accessible on the internet.
- The Rocket.Chat server is not accessible on the internet.
This document has been broken down into two separate sections, walking you through either of the situations you might find yourself in.
If your server is not accessible on the internet, you will need to provide self-signed certificates to configure SSL on the server.
In this document, we will be creating a self-signed root certificate and using it to generate our SSL certificates. The steps written below have been adapted from Self Signed Certificate with Custom Root CA.
openssl genrsa -des3 -out Rocket.Chat-root.key 4096
If you want a non-password protected key, just remove the
openssl req -x509 -new -nodes -key Rocket.Chat-root.key -sha256 -days 1024 -out Rocket.Chat-root.crt
Here we used our root key to create the root certificate that should be distributed to all the computers that have to trust us.
openssl genrsa -out mydomain.com.key 2048
openssl req -new -key mydomain.com.key -out mydomain.com.csr
Here, we are using the
mydomain.comCSR along with the
openssl x509 -req -in mydomain.com.csr -CA Rocket.Chat-root.crt -CAkey Rocket.Chat-root.key -CAcreateserial -out mydomain.com.crt -days 365 -sha256
mydomain.com.keyfiles generated above will be used as the certificate and the private key to configure SSL.
All the devices that need to communicate with the server during development need to trust the root certificate we generated in
Installation instructions for other operating systems are available online.
On successful installation of the root certificate, the device should be able to access Rocket.Chat over SSL.
If your device is not able to connect over SSL, please make sure that the URL has
https://explicitly typed out before it.