Installing your own custom CertificateSummaryHave Sophie use your internal-domain certificate for web-access and sending data Note: this article is only relevant to on-premises installations ReleaseSophie standalone versions 3.4.x -3.7.x Instructions By default, Sophie will serve a self-signed certificate. To avoid this, issue a certificate for the domain-name you use when opening the Sophie web-app. 1. Check if LOOM_HOME/cert folder exists. NOTE: If folder doesn't exist please create it: [[ -d $LOOM_HOME/cert ]] || mkdir -p /opt/loom/cert 2. Put your certificate and key under /opt/loom/cert folder cp custom.crt custom.key /opt/loom/cert/ 3. Run certificate installation script loom various install-certificate /opt/loom/cert/custom.crt /opt/loom/cert/custom.key 4. Restart occultus-ui container docker restart occultus-ui That's it! browse to the Sophie web-app - the certificate should now be served. For Version 3.1 -3.3:The private key will be used by the internal Nginx server, which expects a key and certificate, both in PEM format.Then, run the following command: loom various install-certificate install-certificate \ $LOOM_HOME/lib/loom/loom-cli-3.2.0-b4/loom/resources/ssl/cert.pem \ $LOOM_HOME/lib/loom/loom-cli-3.2.0-b4/loom/resources/ssl/key.pem Note that older versions used this path instead : $LOOM_HOME/resources/auth This will create entries in the configuration file, typically under $LOOM_HOME/.conf/loom_config.yaml - you can manually edit the ssl section if needed. To have the changes take effect, run loom restart. That's it! browse to the Sophie web-app - the certificate should now be served. Note: you can choose another path for the certificate, but it must be under $LOOM_HOME