Forums
Support and feedbac...
Technical questions
Issue with Custom S...
 
Notifications
Clear all

[Solved] Issue with Custom SSL Certificate in QuickHMI Docker Container

 
Technical questions
Last Post von m.fairhall vor 10 Monaten
3 Posts
2 Users
1 Reactions
1,428 Views
RSS
 m.fairhall
(@m-fairhall)
Posts: 8
Member
Topic starter
 

Hello Support Team,

I have been troubleshooting our QuickHMI runtime running inside a Docker container. Below is a summary of my activities and the current issue:

  1. Initial Setup:

    • Our QuickHMI runtime is installed in a Docker container and is functioning correctly using the default self‑signed certificate.
    • The self‑signed certificate is located in:
      /usr/share/QuickHMI/QuickHMI Server Jellyfish/certificates/QuickHMI_SSL.p12

  2. Custom Certificate Generation:

    • I generated a new SSL certificate (via Let’s Encrypt) and converted it into a PKCS#12 keystore.
    • This new keystore was stored in the same directory as the original certificate, and initially renamed to QuickHMI_SSL_NEW.p12.

  3. Attempt to Use Custom Certificate:

    • I replaced the original self‑signed keystore (renamed it QuickHMI_SSL.p12.bak) with the new keystore by renaming it to QuickHMI_SSL.p12.
    • After restarting the Docker container, I was unable to connect to the QuickHMI runtime on port 6068.

  4. Reverting Changes:

    • When I restore the original self‑signed certificate (renaming it back to QuickHMI_SSL.p12), the QuickHMI runtime becomes accessible on port 6068 again.

Suspected Issue:
I suspect that the new PKCS#12 keystore might require a password or additional configuration (such as specifying the keystore password) for QuickHMI to load it properly. Without entering or configuring the password, the system appears to fall back to the self‑signed certificate behavior (or fails to load the custom certificate), resulting in no HTTPS service on port 6068.

Request:
Could you please advise on:

  • The proper procedure for configuring the custom PKCS#12 keystore with QuickHMI?
  • Where and how we should specify the keystore password (if needed) so that the runtime correctly loads the new certificate?
  • Any additional steps or configuration changes required to switch from the self‑signed certificate to our new Let’s Encrypt certificate.

Your assistance in resolving this matter is greatly appreciated.

Mark F

 
Posted : 12/03/2025 2:59 a.m. CET
Matthias
 Matthias
(@m-folte-9469)
Posts: 34
Member Admin
 

Hello m.fairhall,

you are correct. Simply switching out the file does not work, because specific passwords are reuqired to load the new certificate.

Please have a look at the newly created knowledgebase article: https://docs.quickhmi.com/en/dokumentation/runtime-manager-en/ssl-certificates/

I hope this helps you to use your own certificate.

 
Posted : 12/03/2025 11:24 a.m. CET
 m.fairhall
(@m-fairhall)
Posts: 8
Member
Topic starter
 

Thank you, now it's working:)

Regards, Mark F

 
Posted : 13/03/2025 8:04 a.m. CET
Forum Jump:
  Previous Topic
Next Topic