Change SSL Certify

N8N uses a SSL Let’s Encrypt certify to enable HTTPS protocol.
Can I chenge this for my own certify (COMODO)?

Thanks.

Welcome to the community @leucotron !

n8n is not using Lets Encrypt directly. The default docker-compose setup we provide as example is using Lets Encrypt with the help of traefik. You are free to replace it with whatever you want.

Hi @jan

Thank you.
Great, so I need to change directly on n8n docker, I’m right? How can I do this?

Yes, in this case as the configuration is in the docker-compose file you would have to make the changes there. The SSL documentation from traefik (where you would have to make the changes) can be found here:
https://doc.traefik.io/traefik/https/tls/

Hey @leucotron!

Were you able to change the certificate? Can you share the solution so that others can benefit as well :slight_smile:

Hi @harshil1712 !

I’m following @jan’s tip , but I haven’t been able to change it yet, I’m working on it.
As soon as possible I will post the solution here.

1 Like

Hello guys. I got to change the SSL Certificate, follows the solution:

IMPORTANT:
I had some problems with “Environment Variable” on docker-compose, make backup or snapshot from your host before making changes.

#1 - Create a folder to insert the certificate files (on host server, not on docker)
sudo mkdir /root/n8n/cert

#1.1 - Send the ‘server.crt’ and ‘server.key’ to this folder.

#2 - Create a dynamic configuration file that tells Traefik where our certs are located within the container (on the same folder before) and insert the configurations on it:
tls:
certificates:
- certFile: /cert/server.crt
keyFile: /cert/server.key

#3 - Stop containers:
docker-compose stop

#4 - Make the following changes on docker-compose.yml (on service traefik):
#4.1 - Insert on command labels:

- " --providers.file.directory=/etc/traefik/dynamic"

#4.2 - Remove/commet on command labels:

 - "--certificatesresolvers.mytlschallenge.acme.tlschallenge=true"
 - "--certificatesresolvers.mytlschallenge.acme.email=${SSL_EMAIL}"
 - "--certificatesresolvers.mytlschallenge.acme.storage=/letsencrypt/acme.json"

#4.3 - Insert on volumes labels:

 - ${DATA_FOLDER}/cert:/cert
 - ${DATA_FOLDER}/cert/certs-traefik.yml:/etc/traefik/dynamic/certs-traefik.yml

#5 - Start containers:
docker-compose up -d

#6 - Access your https://n8n.address/workflow to certify that shows the new certificate.

Source: Use Your Own Certificates with Traefik | by Clint Colding | Medium

Hope this helps…

3 Likes

Cool, thanks a lot for sharing!

What is the content of the certs-traefik.yml file?

Hi @jan. The content is:

tls:
certificates:
- certFile: /cert/server.crt
keyFile: /cert/server.key

screenshot_3

2 Likes