Configure Pihole – Lighttpd to use HTTPS

If you search the Internet you will find lots of ways to use HTTPS in Pihole, but most of them are incomplete and will not work or will break after an Pihole update.
So here is an easy way that will resist Pihole updates and works 100%.

First make sure that the openssl mod is installed, in standard Pihole installs it is missing:

sudo apt-get reinstall lighttpd-mod-openssl

SSL Certificate (self signed)

cd /etc/lighttpd/certs

openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 999 -nodes

chmod 400 lighttpd.pem

Edit /etc/lighttpd/external.conf and add:

sudo nano /etc/lighttpd/external.conf

$SERVER["socket"] == ":443" {
  ssl.engine = "enable" 
  ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem" 
}

Do NOT edit the /etc/lighttpd/lighttpd.conf it will be overwritten by Pihole updates !!!

sudo service lighttpd restart

If you want Pihole HTTPS ONLY, just add:

sudo nano /etc/lighttpd/external.conf

$HTTP["scheme"] == "http" {
    $HTTP["host"] =~ ".*" {
      url.redirect = (".*" => "https://%0$0")
    }
  }

That will redirect HTTP to HTTPS.

Et voila…thats it, have fun !!!

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht.