{"componentChunkName":"component---smooth-doc-smooth-doc-src-templates-doc-js","path":"/docs/on-premise/https/","result":{"data":{"mdx":{"fields":{"pageType":"doc","title":"HTTPS","editLink":""},"body":"var _excluded = [\"components\"];\nfunction _extends() { return _extends = Object.assign ? Object.assign.bind() : function (n) { for (var e = 1; e < arguments.length; e++) { var t = arguments[e]; for (var r in t) ({}).hasOwnProperty.call(t, r) && (n[r] = t[r]); } return n; }, _extends.apply(null, arguments); }\nfunction _objectWithoutProperties(e, t) { if (null == e) return {}; var o, r, i = _objectWithoutPropertiesLoose(e, t); if (Object.getOwnPropertySymbols) { var s = Object.getOwnPropertySymbols(e); for (r = 0; r < s.length; r++) o = s[r], t.includes(o) || {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]); } return i; }\nfunction _objectWithoutPropertiesLoose(r, e) { if (null == r) return {}; var t = {}; for (var n in r) if ({}.hasOwnProperty.call(r, n)) { if (e.includes(n)) continue; t[n] = r[n]; } return t; }\n/* @jsxRuntime classic */\n/* @jsx mdx */\n\nvar _frontmatter = {\n  \"title\": \"HTTPS\",\n  \"description\": \"https\",\n  \"order\": 50,\n  \"section\": \"On-Premise\"\n};\nvar layoutProps = {\n  _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n  var components = _ref.components,\n    props = _objectWithoutProperties(_ref, _excluded);\n  return mdx(MDXLayout, _extends({}, layoutProps, props, {\n    components: components,\n    mdxType: \"MDXLayout\"\n  }), mdx(\"h1\", {\n    \"id\": \"https\"\n  }, mdx(\"a\", {\n    parentName: \"h1\",\n    \"href\": \"#https\",\n    \"aria-label\": \"https permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"\", mdx(\"abbr\", {\n    parentName: \"h1\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \"\"), mdx(\"br\", null), mdx(\"p\", null, \"By default, an on-premise deployment serves content via unsecured HTTP on port 80. To enable secure connections using \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \" (port 443), a valid TLS/SSL certificate is required that is either self-signed or from a certificate authority (CA). These are the steps needed to configure \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \" after a valid certificate is acquired.\"), mdx(\"h2\", {\n    \"id\": \"managing-https\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#managing-https\",\n    \"aria-label\": \"managing https permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Managing \", mdx(\"abbr\", {\n    parentName: \"h2\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \"\"), mdx(\"p\", null, \"To enable \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \", some environment variables need to be changed in the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \".env\"), \" file. For additional information on changing the environment for PathcoreFlow, see \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/on-premise/configuration/\"\n  }, \"Configuration\"), \". The minimum configuration needed is:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"HTTP_ONLY\"), \" environment variable must disabled via the \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \".env\"), \" configuration file\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"The certificate and key files (\", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"#purchased-certificates\"\n  }, \"purchased\"), \", \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"#self-signed-certificates\"\n  }, \"self-signed\"), \", or from \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"#lets-encrypt\"\n  }, \"Let's Encrypt\"), \") must be placed in the directory defined in \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"PCW_SSL_DIR\"))), mdx(\"div\", {\n    className: \"info\"\n  }, \"Certificates should be renewed with the appropriate certificate authority and updated in PathcoreFlow before they expire.\"), mdx(\"details\", null, mdx(\"summary\", null, \" To configure PathcoreFlow to use HTTPS \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Place the certificate and key files in the appropriate directory on the host server or VM. By default, the following path and names are used:\"), mdx(\"ul\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Certificate directory: \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"/opt/pathcore/certs\")), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Certificate file: \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"fullchain.pem\")), mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Key file: \", mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"privkey.pem\"))), mdx(\"div\", {\n    className: \"info\"\n  }, \"These files must be in the PEM format.\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Use your preferred text editor to update the relevant environment variables in the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \".env\"), \" file (the default location for this file is \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"/opt/pathcore/compose/.env\"), \")\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"PCW_SSL_DIR=/opt/pathcore/certs\"), \": the path to the directory containing the certificate and key files:\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"PCW_HTTP_ONLY=0\"), \": enable \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \"\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"(Optional) \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"PCW_SECURE_COOKIES=1\"), \": only allow user sessions via \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \". Enable this only if all users will be connecting to the PathcoreFlow service via \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \"\")))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/on-premise/configuration/#restarting-components\"\n  }, \"Restart the affected service components\"))))), mdx(\"details\", null, mdx(\"summary\", null, \" To use a different certificate or key filename \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Use your preferred text editor to add the following environment variables to the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \".env\"), \" file (the default location for this file is \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"/opt/pathcore/compose/.env\"), \")\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"PCW_SSL_CERT_NAME=server_cert.pem\"), \": to change the filename of the certificate file\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"PCW_SSL_KEY_NAME=server_key.pem\"), \": to change the filename of the key file\")))))), mdx(\"details\", null, mdx(\"summary\", null, \" To update the certificate \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Backup the existing certificate and key files\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Place the new certificate file(s) in the appropriate directory on the host server or VM. By default, this is \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"/opt/pathcore/certs\")), mdx(\"div\", {\n    className: \"info\"\n  }, \"These files must be in the PEM format.\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/on-premise/configuration/#restarting-components\"\n  }, \"Restart the affected service components\")), mdx(\"div\", {\n    className: \"warning\"\n  }, \"It is recommended to backup the existing files before overwriting them.\")))), mdx(\"h2\", {\n    \"id\": \"purchased-certificates\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#purchased-certificates\",\n    \"aria-label\": \"purchased certificates permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Purchased Certificates\"), mdx(\"p\", null, \"When purchasing certificates from a certificate service you must first provide them with a Certificate Signing Request (CSR). Creating a CSR is out of scope for this documentation.\"), mdx(\"p\", null, \"Once you have received the certificate bundle you will need to create the full certificate chain to use as your certificate. This will help prevent issues with older browsers and operating systems.\"), mdx(\"p\", null, \"The certificate issuer should provide documentation on how to create a certificate chain. In general, the certificates from the bundle need to be combined in a specific order:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"Server Certificate -> Intermediate Certificate(s) -> CA Root Certificate\")), mdx(\"div\", {\n    className: \"warning\"\n  }, \"The certificate bundle MUST start with the server certificate, then any intermediary certificates, then the root certificate. If there are multiple intermediary certificates they need to be added in the correct order.\"), mdx(\"p\", null, \"Here is an example command to generate a certificate chain bundle. This command is for illustrative purposes \", \"\\u2014\", \" the actual command will vary depending on certificate issuer. Here we also assume you have all of your certificate files supplied by the issuer in one directory on a Linux server.\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-bash\"\n  }, \"cat ComodoRSAAddTrustCA.crt \\\\\\n    ExtendedvalidationSecureServerCA.crt \\\\\\n    AddTrustExternalCARoot.crt > fullchain.pem\\n\")), mdx(\"h2\", {\n    \"id\": \"self-signed-certificates\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#self-signed-certificates\",\n    \"aria-label\": \"self signed certificates permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Self-Signed Certificates\"), mdx(\"div\", {\n    className: \"info\"\n  }, \"Self-signed certificates are only accepted by browsers where users have manually added the self-signed certificate to their list of trusted certificates.\"), mdx(\"p\", null, \"OpenSSL can be used to generate the key and certificate files for a self-signed certificate:\"), mdx(\"pre\", null, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-bash\"\n  }, \"openssl req -newkey rsa:2048 -new -nodes -x509 -days 365 \\\\\\n    -keyout privkey.pem -out fullchain.pem\\n\")), mdx(\"p\", null, \"For more information on the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"openssl req\"), \" command line options, see the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://www.openssl.org/docs/manmaster/man1/openssl-req.html\"\n  }, \"openssl-req manpage\"), \".\"), mdx(\"h2\", {\n    \"id\": \"lets-encrypt\"\n  }, mdx(\"a\", {\n    parentName: \"h2\",\n    \"href\": \"#lets-encrypt\",\n    \"aria-label\": \"lets encrypt permalink\",\n    \"className\": \"anchor\"\n  }, mdx(\"svg\", {\n    parentName: \"a\",\n    \"aria-hidden\": \"true\",\n    \"focusable\": \"false\",\n    \"height\": \"16\",\n    \"version\": \"1.1\",\n    \"viewBox\": \"0 0 16 16\",\n    \"width\": \"16\"\n  }, mdx(\"path\", {\n    parentName: \"svg\",\n    \"fillRule\": \"evenodd\",\n    \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n  }))), \"Let's Encrypt\"), mdx(\"p\", null, mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://letsencrypt.org/\"\n  }, \"Let's Encrypt\"), \" is a free, automated, and open Certificate Authority (CA). You can read more about the services they offer and how to subscribe on their \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"https://letsencrypt.org/docs/\"\n  }, \"documentation page\"), \".\"), mdx(\"p\", null, \"To use Let's Encrypt with PathcoreFlow:\"), mdx(\"ul\", null, mdx(\"li\", {\n    parentName: \"ul\"\n  }, \"PathcoreFlow must be externally accessible via TCP ports 80 (HTTP) and 443 (\", mdx(\"abbr\", {\n    parentName: \"li\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \")\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"li\"\n  }, \"PCW_HOST\"), \" must be set to a valid hostname which routes to PathcoreFlow. See \", mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"/flow/manual/latest/docs/on-premise/configuration/#environment-variables\"\n  }, \"Configuration - Environment Variables\"), \" for more details on how to set this value\"), mdx(\"li\", {\n    parentName: \"ul\"\n  }, mdx(\"a\", {\n    parentName: \"li\",\n    \"href\": \"https://certbot.eff.org/\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"a\"\n  }, \"certbot\")), \" must be installed on the host server or VM\")), mdx(\"details\", null, mdx(\"summary\", null, \" To configure PathcoreFlow to use Let's Encrypt \"), mdx(\"ol\", null, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Enable \", mdx(\"abbr\", {\n    parentName: \"p\",\n    \"title\": \"Hypertext Transfer Protocol Secure\"\n  }, \"HTTPS\"), \" via the \", mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"#managing-https\"\n  }, \"environment variables described above\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Use your preferred text editor to update the relevant environment variables in the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \".env\"), \" file (the default location for this file is \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"/opt/pathcore/compose/.env\"), \")\"), mdx(\"ol\", {\n    parentName: \"li\"\n  }, mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"PCW_ENABLE_CERTBOT=1\"), \": enable the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"certbot\"), \" automation\")), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"PCW_CERTBOT_EMAIL=your@email.address\"), \": an email address to receive communications from Let's Encrypt\")))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, \"Request the initial certificate by running the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"certbot.sh\"), \" script manually:\"), mdx(\"pre\", {\n    parentName: \"li\"\n  }, mdx(\"code\", {\n    parentName: \"pre\",\n    \"className\": \"language-bash\"\n  }, \"/opt/pathcore/compose/scripts/certbot.sh\\n\"))), mdx(\"li\", {\n    parentName: \"ol\"\n  }, mdx(\"p\", {\n    parentName: \"li\"\n  }, mdx(\"a\", {\n    parentName: \"p\",\n    \"href\": \"/flow/manual/latest/docs/on-premise/configuration/#restarting-components\"\n  }, \"Restart the affected service components\"))))), mdx(\"details\", null, mdx(\"summary\", null, \" To renew a Let's Encrypt certificate \"), mdx(\"p\", null, \" If the \", mdx(\"inlineCode\", {\n    parentName: \"p\"\n  }, \"pathcoreflow-maintenance.timer\"), \" systemd unit is installed and enabled, then the certificate should be automatically renewed 30 days before it expires.\")));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"url":"#https","title":"HTTPS","items":[{"url":"#managing-https","title":"Managing HTTPS"},{"url":"#purchased-certificates","title":"Purchased Certificates"},{"url":"#self-signed-certificates","title":"Self-Signed Certificates"},{"url":"#lets-encrypt","title":"Let's Encrypt"}]}]}}},"pageContext":{"id":"5614a267-1ef8-5318-a4b0-45f75c3f6f89"}},"staticQueryHashes":["1086510573","1106176283","1122327541","2140385554","2719290676","3597609067","4027383558"]}