Cockpit is a web-based graphical interface that enables you to manage most of the Linux administration tasks from one place by using plugins.
The Cockpit web service runs on TCP port 9090 and uses a self-signed TLS certificate if none is provided. In order to specify a TLS certificate for the web service, simply drop the certificate with the extension
.cert in the
/etc/cockpit/ws-certs.d and the corresponding key file having same name but with the
The key should not be encrypted, i.e protected by a passphrase.
If there are multiple certificate files in the directory, then the one with the highest priority is chosen after sorting.
.cert file can also contain two OpenSSL style PEM blocks. The first block containing the
BEGIN CERTIFICATE for the server certificate and intermediate certificate authorities, and the second block containing
BEGIN PRIVATE KEY to hold the corresponding private key.