SSL Certificate Management in UTMStack

This guide provides comprehensive steps on installing, generating, and renewing SSL certificates for UTMStack.

Manual SSL Certificate Installation

Before beginning, ensure you’ve downloaded your certificate files. After downloading:

  1. You should have:
    • A certificate file with the extension .crt or .pem
    • A private key with the extension .key or .pem
  2. Rename the files:
    • Certificate: utm.crt
    • Private Key: utm.key
  3. Transfer both files to your server:
       mv utm.crt /UTMStack/cert/
       mv utm.key /UTMStack/cert/
  4. Restart Docker for the changes to take effect:
       systemctl restart docker
  5. Allow approximately 10 minutes for the stack to restart.

Once these steps are completed, your SSL certificate will be installed and configured for UTMStack. For any issues or questions during the installation, please contact our support team.

Generate SSL with Certbot in UTMStack without DNS Change

  1. Install Certbot. Install the necessary tools and dependencies:
       sudo apt install certbot python3-certbot-nginx
  2. Manage services. Pause the utmstack_frontend service:
       docker service scale utmstack_frontend=0
       docker ps | grep frontend
     Then, start Nginx:
       systemctl start nginx
  3. Generate the SSL certificate. Replace “siem.domain.com” with your domain:
       sudo certbot --nginx -d siem.domain.com
  4. Update the SSL certificate in UTMStack:
       cp /etc/letsencrypt/live/*/fullchain.pem /UTMStack/cert/utm.crt
       cp /etc/letsencrypt/live/*/privkey.pem /UTMStack/cert/utm.key
       docker service scale utmstack_frontend=1
       docker ps | grep frontend
       systemctl restart docker

Renew the Certificate Generated by Certbot in UTMStack

  1. Manage services. Pause the utmstack_frontend service:
       docker service scale utmstack_frontend=0
  2. Renew the SSL certificate:
       certbot renew
  3. Update the SSL certificate in UTMStack. Replace “siem.domain.com” with your specific domain:
       cp /etc/letsencrypt/live/siem.domain.com/fullchain.pem /UTMStack/cert/utm.crt
       cp /etc/letsencrypt/live/siem.domain.com/privkey.pem /UTMStack/cert/utm.key
       docker service scale utmstack_frontend=1
       docker ps | grep frontend
       systemctl restart docker
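
Added example, not part of the UTMStack documentation: a pre-install check that can stand in for the plain copy steps in the manual and Certbot procedures above. It refuses to place a certificate whose public key does not match the private key, or one that expires within a few days. The function names, the 7-day default and the staging through .new files are assumptions of this example; it needs the openssl command-line tool.

```shell
#!/bin/sh
# Added example (not UTMStack code): validate a certificate/key pair
# before it is copied to utm.crt / utm.key.
# Function bodies use ( ... ) so their variables stay local to a subshell.

# Succeeds only if the public key in CERT equals the public key of KEY.
# For a chain file such as fullchain.pem, openssl reads the first (leaf) cert.
cert_matches_key() (
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || exit 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || exit 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
)

# install_utm_cert CERT KEY [DEST_DIR] [MIN_DAYS]
# Exit status: 0 installed, 2 pair mismatch, 3 expiring soon, 4 copy failed.
install_utm_cert() (
    cert=$1; key=$2
    dest=${3:-/UTMStack/cert}     # directory used throughout this guide
    min_days=${4:-7}              # assumed threshold, adjust as needed

    cert_matches_key "$cert" "$key" \
        || { echo "certificate and private key do not match" >&2; exit 2; }

    # -checkend fails if the certificate expires within the given seconds.
    openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) >/dev/null \
        || { echo "certificate expires within $min_days days" >&2; exit 3; }

    # Stage both files first, then rename, so a failed copy never leaves
    # a new certificate beside an old key.
    cp "$cert" "$dest/utm.crt.new" && cp "$key" "$dest/utm.key.new" || exit 4
    mv "$dest/utm.crt.new" "$dest/utm.crt" && mv "$dest/utm.key.new" "$dest/utm.key"
)

# Usage with the Certbot paths from this guide (replace the domain):
#   install_utm_cert /etc/letsencrypt/live/siem.domain.com/fullchain.pem \
#                    /etc/letsencrypt/live/siem.domain.com/privkey.pem
```

Restart Docker as described in the guide only after the function returns 0.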