For SSL you can either use a Load Balancer (recommended) or LetsEncrypt. For LetsEncrypt, you'll need to have port 80 open on the machine that Secoda has been installed on, so we recommend that people use a Load Balancer.

Setup SSL with Load Balancer

  1. Create a Load Balancer that listens on port 443 and forwards to the target group of the machine Secoda is installed on that resolves to port 80. Also, add a rule that automatically redirects any traffic from 80 to 443

Untitled

Untitled

  1. Add a DNS entry to your domain that points to your Load Balancer
  2. Update the DOMAIN variable in .env to point to your domain and run ./setup-ssl.sh
  3. Ensure that SSL has been properly configured by going to https://secoda.company.com/logout

Setup SSL with Letsencrypt

  1. First set up a DNS so that secoda.yourcompany.com (substitute this with your actual domain) points to the public domain of the machine you've installed Secoda on

  2. Then edit the .env file and change the following variables:

DOMAIN=https://secoda.yourcompany.com to your domain name

  1. Run the script ./setup-ssl-letsencrypt.sh

  2. Ensure that SSL has been properly configured by going to https://secoda.company.com/logout

<aside> ➡️ Next setup optional configurations Configure Google SSO Configure Microsoft SSO Setup Automatic Updates Setup Backups

</aside>