Configure Pihole – Lighttpd to use HTTPS

If you search the Internet you will find lots of ways to use HTTPS in Pihole, but most of them are incomplete and will not work or will break after an Pihole update.
So here is an easy way that will resist Pihole updates and works 100%.

First make sure that the openssl mod is installed, in standard Pihole installs it is missing:

sudo apt-get reinstall lighttpd-mod-openssl

SSL Certificate (self signed)

cd /etc/lighttpd/certs

openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 999 -nodes

chmod 400 lighttpd.pem

Edit /etc/lighttpd/external.conf and add:

sudo nano /etc/lighttpd/external.conf

$SERVER["socket"] == ":443" {
  ssl.engine = "enable" 
  ssl.pemfile = "/etc/lighttpd/certs/lighttpd.pem" 

Do NOT edit the /etc/lighttpd/lighttpd.conf it will be overwritten by Pihole updates !!!

sudo service lighttpd restart

If you want Pihole HTTPS ONLY, just add:

sudo nano /etc/lighttpd/external.conf

$HTTP["scheme"] == "http" {
    $HTTP["host"] =~ ".*" {
      url.redirect = (".*" => "https://%0$0")

That will redirect HTTP to HTTPS.

Et voila…thats it, have fun !!!

2 Kommentare zu „Configure Pihole – Lighttpd to use HTTPS“

  1. Hello Ingo, thank you for your instruction. But I think there is a problem with directory of the file external.conf.

    When you look in the file „/etc/lighttpd/lighttpd.conf“ there is a line with „include „/etc/lighttpd/conf-enabled/*.conf“. That means you have to put the file external.conf in the directory „/etc/lighttpd/conf-enabled“. Otherwise the file will not be used for the configuration.

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert