Skip to main content

Enable HTTPS LibreNMS Ubuntu 24.04

Create self-signed SSL certificate

sudo mkdir -p /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:4096 \
  -keyout /etc/nginx/ssl/librenms.key \
  -out /etc/nginx/ssl/librenms.crt

Edit you exiting NGINX configuration

nano /etc/nginx/conf.d/librenms.conf
# Redirect all HTTP → HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name librenms.domain.com;
    return 301 https://librenms.domain.com$request_uri;
}

# Main HTTPS server
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name librenms.domain.com;

    ssl_certificate     /etc/nginx/ssl/librenms.crt;
    ssl_certificate_key /etc/nginx/ssl/librenms.key;

    root /opt/librenms/html;
    index index.php;

    access_log /opt/librenms/logs/access_log;
    error_log  /opt/librenms/logs/error_log;

    charset utf-8;
    gzip on;
    gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;

    # Main app
    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # API v0
    location /api/v0 {
        try_files $uri $uri/ /api_v0.php?$query_string;
    }

    # PHP-FPM
    location ~ \.php$ {
        include fastcgi.conf;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php-fpm-librenms.sock;

        # Force HTTPS inside PHP
        fastcgi_param HTTPS on;
        fastcgi_param HTTP_X_FORWARDED_PROTO https;
        fastcgi_param HTTP_X_FORWARDED_PORT 443;
    }

    # Security
    location ~ /\.ht {
        deny all;
    }
}

Test & reload NGINX

sudo nginx -t
sudo systemctl reload nginx

Set LibreNMS to use HTTPS

sudo nano /opt/librenms/.env

Set APP_URL with your domain name

  APP_URL=https://librenms.domain.com

Clear cache, but login as librenms user

su - librenms
php artisan config:clear
php artisan cache:clear

Done, Visit LibreNMS over HTTPS

Back to top