SSL Configuration

HomeDock OS automatically leverages SSL certificates stored in the /DATA/SSLCerts directory to establish secure HTTPS connections across all applications and services.

Cloud Instances

For Cloud Instance users, SSL certificates are issued automatically upon subscription and are seamlessly reissued whenever the hostname is changed. This automatic handling ensures a smooth, hassle-free HTTPS setup without any manual intervention.

Self-Hosted

For Self-Hosted users, it’s essential to configure a renewal hook that transfers newly renewed SSL certificates to the /DATA/SSLCerts directory. This ensures uninterrupted HTTPS support, as HomeDock OS will detect and apply any updated certificates in this directory automatically.

Required File Structure

The SSL certificate files in */SSLCerts must follow the exact naming conventions below to be recognized by the HomeDock OS python process:

Directory*/SSLCerts
- cert.pem
- chain.pem
- fullchain.pem
- privkey.pem

Self-Signed Certificates

If you don’t have certificates from a Certificate Authority (like Let’s Encrypt), you can generate self-signed certificates for testing or local use:

The homedock_server.conf file is located at:

Linux: Usually /home/{username}/HomeDockOS/homedock_server.conf
macOS: ~/Library/Application Support/cloud.homedock.app/homedock/HomeDockOS-main/homedock_server.conf
Windows: %APPDATA%\cloud.homedock.app\homedock\HomeDockOS-main\homedock_server.conf

Linux

sudo mkdir -p /DATA/SSLCerts && cd /DATA/SSLCerts && sudo openssl req -x509 -newkey rsa:4096 -keyout privkey.pem -out fullchain.pem -days 365 -nodes -subj "/O=HomeDock OS/OU=Linux Native SSL/CN=homedock.local" -addext "subjectAltName=DNS:localhost,DNS:homedock.local,DNS:*.homedock.local,IP:127.0.0.1" && sudo cp fullchain.pem cert.pem && sudo cp fullchain.pem chain.pem

The certificates will and should be stored in:

Directory/DATA/SSLCerts
- cert.pem
- chain.pem
- fullchain.pem
- privkey.pem

macOS

mkdir -p ~/HomeDock/SSLCerts && cd ~/HomeDock/SSLCerts && openssl req -x509 -newkey rsa:4096 -keyout privkey.pem -out fullchain.pem -days 365 -nodes -subj "/O=HomeDock OS/OU=macOS Native SSL/CN=homedock.local" -addext "subjectAltName=DNS:localhost,DNS:homedock.local,DNS:*.homedock.local,IP:127.0.0.1" && cp fullchain.pem cert.pem && cp fullchain.pem chain.pem

The certificates will and should be stored in:

Directory~/HomeDock/SSLCerts
- cert.pem
- chain.pem
- fullchain.pem
- privkey.pem

Windows

PowerShell (Run as Administrator)

First, install OpenSSL if not already installed and add it to the PowerShell PATH to make it work:

winget install -e --id ShiningLight.OpenSSL.Light
$env:PATH += ";C:\Program Files\OpenSSL-Win64\bin"

Then generate the certificates:

New-Item -ItemType Directory -Force -Path "C:\HomeDock\SSLCerts" | Out-Null; cd C:\HomeDock\SSLCerts; openssl req -x509 -newkey rsa:4096 -keyout privkey.pem -out fullchain.pem -days 365 -nodes -subj "/O=HomeDock OS/OU=Windows Native SSL/CN=homedock.local" -addext "subjectAltName=DNS:localhost,DNS:homedock.local,DNS:*.homedock.local,IP:127.0.0.1"; Copy-Item fullchain.pem cert.pem; Copy-Item fullchain.pem chain.pem

The certificates will and should be stored in:

DirectoryC:\HomeDock\SSLCerts
- cert.pem
- chain.pem
- fullchain.pem
- privkey.pem

_{Self-signed certificates will still show a browser warning. Click ''Advanced'' and ''Continue anyway'' to proceed. For production use, consider using Let's Encrypt or another trusted Certificate Authority. You will need to renew them after 365 days manually and run these commands again.}