Securing your ThRadio installation with SSL / HTTPS

Enabling HTTPS with LetsEncrypt

LetsEncrypt is a free and simple way to allow safe and secure connections to your ThRadio installation. With a valid SSL certificate, you can:

Secure your connection to ThRadio when administering your stations.
Enforce security for all ThRadio administrators via HTTP Strict Transport Security (HSTS), and
Provide a secure listening endpoint to listeners, avoiding "Mixed Content" warnings when your radio signal is played from a secure web page.

Important Considerations

Before setting up LetsEncrypt, you should make sure the following conditions are met:

ThRadio uses a reverse proxy by Caddy, if you wish to configure LetsEncrypt you must have a domain (e.g. mysite.com) or a subdomain (radio.mysite.com) configured to point to the IP of your ThRadio installation.
ThRadio's web server must be served on the default ports, 80 for HTTP and 443 for HTTPS

Enabling LetsEncrypt

Connect to your host server via a terminal (SSH) connection and execute the following commands:

cd /var/thradio
./thradio.sh update-self
./thradio.sh letsencrypt-create

Answer the prompts as shown to complete the setup process.

Edit this page on GitHub Updated at Tue, Feb 23, 2021