This article describes how to install a SSL certificate on your Helpy Pro instance, using either Let's Encrypt (the easiest way to go) or using another provider.  This will allow your support system to be accessible with https instead of http.  Note: In order to set up your certificate, your Helpy Pro instance will need to have a domain name pointing to it.

Using Lets Encrypt

Setting up Letsencrypt will allow you to easily install a SSL cert for your Helpy site.  First, make sure you have LetsEncrypt installed:

sudo apt-get update
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx

Letsencrypt includes a simple utility called "certbot" that makes it trivial to procure and install a certificate. Before certbot can automatically install your certificate, you will need to edit one line in the nginx configuration file to add your domain name.  Type

sudo nano /etc/nginx/sites-enabled/default

update the server_name block with your actual domain name:

server {
  listen          80;
  server_name     example.com;
  location / {
    proxy_pass      http://localhost:6000;
  }

Next run the certbot to fetch your SSL cert for your domain name

sudo certbot --nginx -d example.com

Replace 'example.com' with the full domain name you have mapped to your instance.  Proceed through the dialogues to install the certificate and update Nginx.  When you are done, confirm you are able to connect via SSH by reloading your site.

Using a certificate from another provider

Using a certificate from an alternate provider requires a couple of additional steps that may vary depending on the provider.  In general, follow these steps:

1. Create an private key for your server.  Do NOT share this.

openssl genrsa -out server.key 2048

2. Create a Certificate Signing Request (CSR) using the key you generated above.

openssl req -new -key server.key -out server.csr

3. Use the contents of the CSR to purchase your new certificate.  You can view the CSR with

cat server.csr

4. Once you have received your certificate, follow instructions provided by the vendor to install the cert.

5. Update your NGINX configuration for the Helpy Pro software with:

sudo nano /etc/nginx/sites-enabled/default

Add the bold sections to the configuration:

server {
  listen          80;
  listen 443 ssl;
  server_name     example.com;

  ssl_certificate your_new_certificate.crt;
  ssl_certificate_key server.key;
 
  location / {
    proxy_pass      http://localhost:6000;
  }

6. Restart Nginx and reload the site to verify you can load with https enabled:

sudo service nginx restart