Skip to main content

Apply Valid SSL Certificates

Moogsoft Onprem includes a self-signed certificate by default. If you want to add your own certificates to Nginx, follow the instructions below.

A valid SSL certificate is required if you want to use Moogsoft Onprem for Mobile on an iPhone. This is because WebSockets do not work on iOS with self-signed certificates. If a valid root CA certificate is not added, a 'Connection Error' appears at login and Moogsoft Onprem for Mobile does not work.

For more information, see the Nginx documentation.

Add a Valid Certificate

Path to the moog-ssl.conf file:

  • For tarball : $MOOGSOFT_HOME/cots/nginx/config/conf.d/moog-ssl.conf

  • For RPM : /etc/nginx/conf.d/moog-ssl.conf

To apply a valid certificate to Nginx, edit the relevant version of the moog-ssl.conf file appropriate for the current deployement. For example for RPM:

    vi /etc/nginx/conf.d/moog-ssl.conf

Change the default self-signed certificate and key locations to point to the valid root certificate and key:

#ssl_certificate /etc/nginx/ssl/certificate.pem;
#ssl_certificate_key /etc/nginx/ssl/certificate.key;

ssl_certificate /etc/certificates/your_company_certificate.crt;
ssl_certificate_key /etc/certificates/your_company_certificate.key;

Save and Exit the editor, then reload Nginx with this command:

systemctl reload nginx