Note: this article is only relevant to on-premises installations
Note: this article applies to version 3.1 and newer

By default, Sophie will serve a self-signed certificate. To avoid this, issue a certificate for the domain-name you use when opening the Sophie web-app.

The private key will be used by the internal Nginx server, which expects a key and certificate, both in PEM  format.

Place the certificates on the server under $LOOM_HOME/resources/auth/ .
Then, run the following command:

loom various install-certificate install-certificate \
     $LOOM_HOME/lib/loom/loom-cli-3.2.0-b4/loom/resources/ssl/cert.pem \

Note that older versions used this path instead : 


This will create entries in the configuration file, typically under $LOOM_HOME/.conf/loom_config.yaml - you can manually edit the ssl  section if needed.

To have the changes take effect, run loom restart.

That's it! browse to the Sophie web-app - the certificate should now be served.

Note: you can choose another path for the certificate, but it must be under $LOOM_HOME 

Did this answer your question?