How to install ssl certicate on Discourse one-click install droplet

How to install ssl certicate on Discourse one-click install droplet?

How can I access Nginx server block configuration directory in Discourse one-click install?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

in 2017 I found that if you just run ./discourse-setup in the /var/discourse/ folder again, it’ll set up let’s encrypt automatically. You’ve got to stop nginx (which is dead anyway) though with systemctl stop nginx and the app itself with ./launcher stop app.

This comment has been deleted

So, I found the answer here:

And successfully added SSL to my one-click Discourse droplet install digital ocean.

Below is copy of the written directions from the

By Sam Saffron co-founder

So you’d like to enable SSL for your Docker-based Discourse setup? Let’s do it!

This guide assumes you used all the standard install defaults – a container configuration file at/var/discourse/containers/app.>yml and Discourse docker is installed at: /var/discourse

Buy a SSL Certificate

Go to namecheap468 or some other SSL cert provider and purchase a SSL cert for your domain. Follow all the step documented by >them to generate private key and CSR and finally get your cert. I used the apache defaults, they will work fine.

Keep your private key and cert somewhere safe.

Place the Certificate and Key

Get a signed cert and key and place them in the /var/discourse/shared/standalone/ssl/ folder

Private key is:


Cert is


File names are critical do not stray from them or your nginx template will not know where to find the cert.

Have a look at your app.yml configuration file to see where the shared folder is mounted.


  • volume: host: /var/discourse/shared/standalone guest: /shared In essence the files must be located at /shared/ssl/ssl.key /shared/ssl/ssl.crt inside the container.

For all clients to find a path from your cert to a trusted root cert (i.e., not give your users any warnings), you may need to >concatenate the cert files from your provider like so:

cat “Your PositiveSSL Certificate” “Intermediate CA Certificate” “Intermediate CA Certificate” >> ssl.crt Configure NGINX

Add a reference to the nginx ssl template from your app.yml configuration file:


  • “templates/postgres.template.yml”
  • “templates/redis.template.yml”
  • “templates/sshd.template.yml”
  • “templates/web.template.yml”
  • “templates/web.ssl.template.yml” Configure your Docker Container

Tell your container to listen on SSL


  • “80:80”
  • “2222:22”
  • “443:443” Bootstrap your Docker Container

Rebuild your app

./launcher rebuild app Profit, you are done!


Be sure to read through the logs using

./launcher logs app If anything goes wrong.