Securing the web-interface and public API


I want securing the public API with a certificat, not with self-signed certificat.

I have retrieved a certificat from gandi where is hosted my domain name but I have some doubt regarding the files to install here ==> /etc/lora-app-server/certs/

[application_server.external_api] is already exposed with self-signed certificat.

From gandi procedure I retrieved several files, myserver.key, server.csr and after approval (from gandi)

I don’t know what file should I expose…

Thank you for your help

Ok done after moving old certificat self-signed under /etc/lora-app-server/certs with new one.

I renamed myserver.key to and galerie-elise.csr to http.pem.

Hi, @julien

How did you approve the myserver.key and server.csr?


from gandi , my certificat is free during one year because I suscribed to a DNS