Installing TLS certificate in Flynn

Question

How do I set up a SSL certificate for a Flynn application?

Answer 1

The answer added by @titanous is outdated and is no longer valid. The correct usage for flynn is:

usage: flynn route
   flynn route add http [-s <service>] [-c <tls-cert> -k <tls-key>] [--sticky] [--leader] [--no-leader] [--no-drain-backends] <domain>
   flynn route add tcp [-s <service>] [-p <port>] [--leader] [--no-drain-backends]
   flynn route update <id> [-s <service>] [-c <tls-cert> -k <tls-key>] [--sticky] [--no-sticky] [--leader] [--no-leader]
   flynn route remove <id>

So, following the docs, the right answer for this is:

flynn -a slashbox route update http/{ID} -c slashbox.crt -k slashbox.key

This will print back to you: updated {ID}.

Answer 2

(In the following examples replace slashbox with the name of your app)

1. First, you'll need to add the domain:

   flynn -a slashbox route add http www.slashbox.co

2. Get the ID of the route:

   flynn -a slashbox route

   The ID of the route looks something like http/xxxxxxxx-xxxxx-xxxxx-xxxx-xxxxxxxxxxxx

3. Then, add the TLS certificate and TLS key:

   flynn -a slashbox route update http/xxxxxxxx-xxxxx-xxxxx-xxxx-xxxxxxxxxxxx --tls-cert cert_chain.pem --tls-key key.pem

The cert_chain.pem file should have the certificate for the domain followed by the intermediate certificate, both in PEM format in the same file. The key.pem file should have the unencrypted private key matching the certificate in PEM format.

Sources:

• https://flynn.io/docs/apps#custom-domains
• https://flynn.io/docs/apps#https