Using Let's Encrypt
Let’s Encrypt is a free, automated, and open certificate authority (CA) that provides an automated mechanism to request and renew free domain validated certificates that are short-lived to encourage automated renewal and to reduce the time a compromised cert could be abused.
- Command-line access to the server with PlexTrac installed and running
- Ensure that port 80/443 are open inbound AND outbound for Let’s Encrypt to pull a certificate
Step 1: Navigate to the installation directory of Plextrac (e.g. /opt/plextrac) as the
plextrac
user.Step 2: Edit the .env file
nano .env
Ensure that the CLIENT_DOMAIN_NAME={DNS A Record} and LETS_ENCRYPT_EMAIL={valid email address}. Verify that USE_CUSTOM_CERT=false.

Step 4: Save and exit.
Step 5: In the docker-compose.override.yml, verify that lines governing the use of a custom certificate are commented out.
- << local key path here >>:/etc/ssl/app.plextrac.key
- << local cert path here >>:/etc/ssl/app_cert_chain.crt

Step 6: Run
plextrac update
to implement the changes.plextrac update
Last modified 1mo ago