Note: this article is only relevant to on-premises installations
Note: this section applies to version 3.4 and newer


By default, Sophie will serve a self-signed certificate. To avoid this, issue a certificate for the domain-name you use when opening the Sophie web-app.

  1. Check if LOOM_HOME/cert folder exists.

      NOTE: If folder doesn't exist please create it:  
   [[ -d $LOOM_HOME/cert ]] || mkdir -p /opt/loom/cert

   2. Put your certificate and key under /opt/loom/cert folder

   cp custom.crt custom.key /opt/loom/cert/

   3. Run certificate installation script

   loom various install-certificate /opt/loom/cert/custom.crt /opt/loom/cert/custom.key


   4. Restart occultus-ui container

    docker restart occultus-ui

That's it! browse to the Sophie web-app - the certificate should now be served. 

---
For Version 3.1 -3.3:

The private key will be used by the internal Nginx server, which expects a key and certificate, both in PEM  format.

Then, run the following command:

loom various install-certificate install-certificate \
     $LOOM_HOME/lib/loom/loom-cli-3.2.0-b4/loom/resources/ssl/cert.pem \
     $LOOM_HOME/lib/loom/loom-cli-3.2.0-b4/loom/resources/ssl/key.pem

Note that older versions used this path instead : 

$LOOM_HOME/resources/auth

This will create entries in the configuration file, typically under $LOOM_HOME/.conf/loom_config.yaml - you can manually edit the ssl  section if needed.

To have the changes take effect, run loom restart.

That's it! browse to the Sophie web-app - the certificate should now be served.

Note: you can choose another path for the certificate, but it must be under $LOOM_HOME 

Did this answer your question?