Custom SSL certificate or CloudFlare proxy

d.tarakanov

I installed FusionAuth on dedicated linux server.
Is there any option to use my ssl certificate to secure communication with FusionAuth app? By default its "Inversoft Self-signed root certificate Expired: Wednesday, 25 September 2013 "
And I can't change default port 9013 in option "fusionauth-app.https-port=9013" to 443. App just doesn't start. So I can't use cloudFlare proxy.

dan

And I can't change default port 9013 in option "fusionauth-app.https-port=9013" to 443. App just doesn't start

What error messages, if any, are you seeing in the logs when you try to start it? I was able to change the port to 4000 in a local instance and the app started. Are you starting FA using the root user, because when I changed SSL to run on 443, I saw this error:

29-May-2020 14:03:41.466 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[HTTP/1.1-443]]
...
Caused by: java.net.BindException: Permission denied

If you are seeing that in your Tomcat log files, you'll need to start tomcat as root or use a tool like jsvc to do so. Or you can just run the SSL listener on a port above 1024, like 9013.

Is there any option to use my ssl certificate to secure communication with FusionAuth app? By default its "Inversoft Self-signed root certificate Expired: Wednesday, 25 September 2013 "

You can do so by installing your own certificate in Tomcat. This is not something I've done before, but these instructions look helpful: https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html