Install SSL certificates

availability

Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)

Self-signed SSL certificates aren't secure for use in public-facing websites or applications due to the absence of validation from a trusted third-party organization. This results in web browsers displaying warning messages about potential security risks, leading to user distrust and discouragement from using the site.

caution

To install SSL Certificates, you need to have both .pem and .key files.

With these files available, you can complete the installation process by following the steps outlined below.

Install SSL certificates

1. Stop Nginx and Invicti AppSec Service:

   systemctl stop nginx
   systemctl stop kondukto

2. Edit the kondukto.conf file with Vim, Nano, or another text editor:

   vim /etc/nginx/sites-available/kondukto.conf

3. Change the directories of the .pem and .key files:

   Replace the directories of pem and key files, which you can find on lines 47 and 48 of the file, with the directories of your own files:

   ssl_certificate {YOUR_PEM_FILE_PATH/YOUR_CER_FILE_PATH};
   ssl_certificate_key {YOUR_KEY_FILE_PATH};

   After editing is complete, save and exit.

4. Restart Invicti AppSec and Nginx Service:

   systemctl start kondukto
   systemctl start nginx

---

Need help?

Invicti Support team is ready to provide you with technical help. Go to Help Center