Support for self signed certificates for local usage #1251
Replies: 4 comments 6 replies
-
Looks like that support was removed in paperless-ng 0.9.0. The suggestion from that changelog (and probably now) is to use a reverse proxy for SSL functionality. |
Beta Was this translation helpful? Give feedback.
-
Thank you for your response. I think that is totally fine solution for exposing a server to the internet. In my case the goal is to use https in the local network, without internet access to paperless. |
Beta Was this translation helpful? Give feedback.
-
Hi, I just stumbled over this thread. I think it is not a very good idea to not support TLS encryption at all. Yes, reverse proxies are good and fine. But zero trust is even better ;) As long as it is not that much effort to support TLS encryption (and maybe trust as well) I would be a fan of supporting it. As far as I overlook this issue so far: At a bare minimum pngx would have to set the values like this for
That could even be paths to volumes in case of docker containers or normal paths on bare metal installations. Should not be that big deal to support a minimum of encryption, does it? Would love to create a PR if you think that might be a thing to go for... |
Beta Was this translation helpful? Give feedback.
-
I was looking at the suggestion to add the information to gunicorn.conf.py does anyone have any idea how to test this. It seems like running the manage.py runserver does not trigger the file. Looking at the Usage.md file it seems like you should be able to do
If I try this it does trigger the config file, however it does not seem to work. I have tried exporting PAPERLESS_BIND_ADDR as 0.0.0.0 or 127.0.0.1 and the server seems to start fine, however when i go to http://127.0.0.1:8000/api I get "Internal Server Error" but no error messages on the command line. |
Beta Was this translation helpful? Give feedback.
-
It seems like the environment variable
PAPERLESS_USE_SSL
which was present in the past (https://paperless.readthedocs.io/en/latest/setup.html) is not working with paperless-ngx.It would be nice if we have the ability to somehow pass certificates to gunicorn when running in Docker.
Maybe there is already a suitable solution and I just need a hint? ;-)
Thanks for your great work.
Beta Was this translation helpful? Give feedback.
All reactions