Enable HTTPS local server with self-signed certificate

I need to enable https on my local instance of globaleaks, which is deployed on a local VM in NAT mode.

I’ve tried to create a self signed certificate with the command:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365
and setting the FQDN to globaleaks.local

i’ve changed the /etc/hosts file with the local IP assigned:
globaleaks@globaleaks:/var/globaleaks/log$ cat /etc/hosts localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6 globaleaks.local globaleaks

Then i tried to upload the .pem key using the web UI and the manual procedure but it gives me the error on top:
Error on input validation[]

the logs globaleaks.log seems to not have relevant info (also enabling debug mode from UI and restarting the service globaleaks).
the automatic and manual procedures from the web UI doesn’t work (probably because server needs to be accessible from the web).

Can you guys help me out please?

Very strange, as you are trying to make a test, can you attach all the files that you generated?

This way we could analize them and after the issue is solved you may regenete them ?

You want an attachment of the .pem certificate and key?
In the manual configuration of https i’m trying to upload in the private key (by clicking the upload button next to the generate one) the .pem files generated (both the key.pem and cert.pem).
I took the .pem files generated from the globaleaks server using sftp.

Yes i would like to try with your files

i’m unable to upload the files (it accepts only images) even if i change the extension to jpg

You could send them to me at evilaliv3@globaleaks.org

I’ve sent you the .pem on your email mr.evil

Well received thank you. I will try to test it as soon that possible.

Do you have any update?

Hello @dan00bie,

i just rechecked your files and i confirm that they are correct.

The reason why you are not able to use them in globaleaks is that currently the software do not accept private keys that are password protected.


Giovanni Pellerano

Yes! That was the problem! Thank you very much!