How do I get the certificates installed

The only documentation for this is in windoze.



Are you asking how to install an SSL certificate that Ignition will use, or something else?

I’m using letsencrypt for the ca and wanted to get the certs installed into ignition. In windows it talked about copying files to a path, but that path doesn’t exist in linux. Sorry, not a big web guy so I didn’t know where to go from here.

Assuming these instructions: … ertificate

Use your package manager to install the Oracle Java JDK ( and then follow from step 3. The instructions are the same, just choose a different path to create your keystore at since you obviously can’t use “C:”. The Ignition install directory will also be different - either something like /usr/local/ignition or wherever you chose to unzip it.

As for using letsencrypt… I wouldn’t recommend doing that. All letsencrypt certificates expire in 90 days, so you’ll need to be updating the Ignition SSL certificate, by hand, in perpetuity. Go pay the PKIX cartel for a 3-5 year certificate and save yourself the trouble.

Hahaha, thx, I’ll do that now. If it were up to me I would go ahead and pay up, but not my call. There’s actually a way to set a cron to auto renew with certbot, I’ll end up using that.

Yeah, but you’re also going to have to automate the part where you import it into the keystore used by Ignition.

Where is the gateways keystore by the way?

It’s {wherever_you_installed_ignition}/webserver/ssl.key

So I ran the linux installer, the default dir, there’s some stuff in:

ls /var/lib/ignition/
data Gateway temp user-lib

ls /etc/ignition/
gateway.xml gateway.xml_clean ignition.conf

There is this:

ls /var/lib/ignition/data/certificates/
cert-chain-store cert-chain-store-old gateway_network

I tried the chain, both full and the other one, as the cert-chain-store file and still no good?

Bleh. The installer.

What’s in /var/lib/ignition? Is the webserver folder in there?

Found it, for ref it’s in /usr/local/bin/ignition