TLS and SSL for https access to the API webinterface on 8080

Where does one configure HTTPS access to the API web interface, running on 8080?

The V4 configuration, according to has in [api] only bind and secret parameters to set.

You’re looking for the backend_interfaces section further down. You could also do TLS termination in a proxy like Traefik or Nginx, which is my preferred deployment approach.

For my use case I don’t want to set up a proxy if I can avoid it - in v3 it was very conveniently solved.
Yesterday I tried to set it up in v4 (docker), but I didn’t succeed.

In v3 I was using:

    image: chirpstack/chirpstack-application-server:3
       - 443:8080

and in chirpstack-application-server.toml


 # http server TLS certificate (optional)

 # http server TLS key (optional)

In v4 I configured:

# API interface configuration.
  # interface:port to bind the API interface to.

  # interface:port to bind the Backend Interfaces API to.
  tls_cert= "...../chirpstack-application-server-api-server.pem"

In docker-compose.yml I was trying to map the ports:
- 443:8080 → no connection (obviously 8080 is no TLS endpoint)
- 443:8081 → no connection
The bind port in [api] and [backend_interfaces] obvioulsy have to be different ones, otherwise the container doesn’t start (port already bound).

Anyone got an idea what I’m missing to make it work or isn’t it supported in v4 anymore?

It is currently not supported, but I’m open to accept pull-requests for this :slight_smile:

Thanks for clarifying. I took the longer path using traefik to secure my installation.

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.