How to set up Grafana HTTPS for secure web traffic

brianblaze · March 31, 2020, 8:21pm

I wonder if there is a better way to do this? Since lets encrypt is owned specifically by root I had to copy the key files the same way and give it proper permissions, but there must be a better way?! The only problem I had was trying to point to my key files in /etc/letsencrypt/… without compromising my certs permissions of course

srkfru87 · April 8, 2020, 8:13am

Hi All,

I have generated .csr and .key file in grafana server and gave .csr file to our CA team to get this signed. When CA autority signed this they gave me 3 file in .crt format(Server.crt, Intermediate.crt and Root.crt). I am not sure how to use this file in grafana. For now i am using below configuration but this is not working. Can someone help me on this how to do the setup.

cert_file = /etc/grafana/crt/ServerCertificate.crt(CA signed certificate)
cert_key = /etc/grafana/server.key(this one is first file that i created using openssl command )

Thanks,
Srikanta

meesaltena · April 20, 2020, 2:42pm

Thank you so much. I can’t believe a relatively basic use case like this isn’t explained elsewhere. Yours is the only solution that I’ve found to work!

sunilaws2411 · April 20, 2020, 3:10pm

Hey zigobs, I have been trying to set things according to the explanation that you have given. I am new to grafana. However, I am unable to get the solution working on my EC2. Can you explain the steps clearly and mention everything step by step?

I have installed httpd, mod_ssl, and certbot to create the SSL certificate.

The https link says “Your connection is not private” and does not load the grafana page.

rajeshmakam · July 13, 2020, 8:17am

Hi,

I dont have etc/grafana folder.
After installing Grafana, I have C:\Program Files\GrafanaLabs\grafana
So where exactly I should keep cert and key file?

yashshahh08 · March 1, 2021, 7:36am

I am also stuck on the same problem. Did you get any solution?

manjunathin · May 24, 2021, 1:30pm

any solution identified for this?

smjohnson · June 16, 2021, 9:00pm

Not sure if this is the problem, but for those with Grafana on Windows this is what I figured out. The cert_file, cert_key, and related options have to point to the correct path in quotes. eg cert_file = “C:\somepath\to\your\certfile.pem”

T_GrumpyEngineer · July 27, 2021, 11:03am

Can this be closed and redirect to a wiki if solved by people above while others like myself are struggling to make sense?

kiwironnie · December 9, 2021, 7:27pm

This worked for me:

sudo setfacl -R -m u:username:rX /etc/letsencrypt/{live,archive}

gopal18k20 · February 15, 2022, 5:20am

Hi @sanju443ts- Is the issue resolved. Can you help me on this

devopsharesh · June 20, 2022, 3:03pm

As i understand we need to move cert files in /etc/grafana folder is it ?

grant2 · June 20, 2022, 3:31pm

Correct. I just set this up on Debian a few months ago and it works fine if you place the cert files in /etc/grafana

grant2 · February 13, 2023, 10:35am

Could you share the solution?

mattabrams · March 29, 2023, 9:15pm

Dear all,

we now have official documentation that details how to set up Grafana HTTPS for secure web traffic:

Topic		Replies	Views
Grafana https error Configuration	0	540	December 2, 2021
Https on localhost Configuration	0	1473	February 23, 2019
Facing issue while Setting up Grafana from HTTP to HTTPS Configuration configuration , config-help	2	2058	February 15, 2022
Question about forcing HTTPS traffic with Grafana Configuration	9	13996	March 15, 2023
Struggling with config Configuration	1	590	October 17, 2018

How to set up Grafana HTTPS for secure web traffic

Related topics