Let's Encrypt generates SSL certificates for free.
Follow these steps to create and use an SSL certificate with ArangoDB.
1. Install the Certbot from LetsEncrypt (Certbot instructions)
sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot
Run certbot and answer the prompted questions.
sudo certbot certonly
ArangoDB requires a single file containing the certificate chain as well as the private key.
cd /etc/letsencrypt/live/example.com # replace example.com with your domain
cat fullchain.pem privkey.pem > server.pem
Make sure the ArangoDB user (usually arangodb
) can read the server.pem
and fullchain.pem
chown -R arangodb:arangodb ./etc/letsencrypt/* # depending on your system
vi /etc/arangodb3/arangod.conf
A. Add the endpoint to the [server]
endpoint = ssl://example.com:8529
B. Create the [ssl]
block before any other block
cafile = /etc/letsencrypt/live/example.com/fullchain.pem
keyfile = /etc/letsencrypt/live/example.com/server.pem
C. Save & close
service arangodb3 restart
service arangodb3 status # make sure it's running
Related / sources:
- Certbot instructions
- StackOverflow: ArangoDB working together with letsenrcypt certificates
- StackOverflow: Arangod.conf for SSL
Paste the following into
to avoid comming back here every few months:Edit cronjobs:
Add job for renewal: