If you search the Internet you will find lots of ways to use HTTPS in Pihole, but most of them are incomplete and will not work or will break after an Pihole update.
So here is an easy way that will resist Pihole updates and works 100%.
First make sure that the openssl mod is installed, in standard Pihole installs it is missing:
sudo apt-get reinstall lighttpd-mod-openssl
SSL Certificate (self signed)
cd /etc/lighttpd/certs
openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 999 -nodes
chmod 400 lighttpd.pem
Edit /etc/lighttpd/external.conf and add:
sudo nano /etc/lighttpd/external.conf
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem"
}
Do NOT edit the /etc/lighttpd/lighttpd.conf it will be overwritten by Pihole updates !!!
sudo service lighttpd restart
If you want Pihole HTTPS ONLY, just add:
sudo nano /etc/lighttpd/external.conf
$HTTP["scheme"] == "http" {
$HTTP["host"] =~ ".*" {
url.redirect = (".*" => "https://%0$0")
}
}
That will redirect HTTP to HTTPS.
Et voila…thats it, have fun !!!