Cockpit is a web-based graphical interface that enables you to manage most of the Linux administration tasks from one place by using plugins.
The Cockpit web service runs on TCP port 9090 and uses a self-signed TLS certificate if none is provided. In order to specify a TLS certificate for the web service, simply drop the certificate with the extension .cert
in the /etc/cockpit/ws-certs.d
and the corresponding key file having same name but with the .key
extension.
The key should not be encrypted, i.e protected by a passphrase.
If there are multiple certificate files in the directory, then the one with the highest priority is chosen after sorting.
The .cert
file can also contain two OpenSSL style PEM blocks. The first block containing the BEGIN CERTIFICATE
for the server certificate and intermediate certificate authorities, and the second block containing BEGIN PRIVATE KEY
to hold the corresponding private key.