Using Let's Encrypt
This page explains how to use Let's Encrypt, which is recommended by PlexTrac.
PlexTrac is set up to use Let's Encrypt and recommends it over self-signed certificates.
Let’s Encrypt is a free, automated, and open certificate authority (CA) that provides an automated mechanism to request and renew free domain validated certificates that are short-lived to encourage automated renewal and to reduce the time a compromised cert could be abused.


  • Command-line access to the server with PlexTrac installed and running
  • Ensure that port 80/443 are open inbound AND outbound for Let’s Encrypt to pull a certificate

Installing Certificate

Step 1: Navigate to the installation directory of Plextrac (e.g. /opt/plextrac) as the plextrac user.
Step 2: Edit the .env file
nano .env
Ensure that the CLIENT_DOMAIN_NAME={DNS A Record} and LETS_ENCRYPT_EMAIL={valid email address}. Verify that USE_CUSTOM_CERT=false.
Step 4: Save and exit.
Step 5: In the docker-compose.override.yml, verify that lines governing the use of a custom certificate are commented out.
  • << local key path here >>:/etc/ssl/app.plextrac.key
  • << local cert path here >>:/etc/ssl/app_cert_chain.crt
Step 6: Run plextrac update to implement the changes.
plextrac update
Click Next below to learn about accessing PlexTrac logs.