rippled SSL-Certificate

Question

I want to have a secure connection to my rippled node. That is why I want my node to use the SSL-Certificate of my domain when I connect to it via websocket or grpc. I saved the certificate and the key at /etc/ssl/certs/server.pem and /etc/ssl/private/server.pem. But if I configure ssl_key = /etc/ssl/certs/server.pem and ssl_cert = /etc/ssl/private/server.pem my node won't start.

Are these the wrong fields? What else do you need for information?

Thank you.

Answer 1

I believe those are the correct fields. Make sure you've put them in the [server] stanza of your rippled.cfg file. You can learn about the stanzas and fields of the config file by reading the comments in the example file: https://github.com/ripple/rippled/blob/develop/cfg/rippled-example.cfg

Can you share the relevant sections of your rippled.cfg file?

If you are unsure how to format or edit the file, you can also try the XRPL Node Configurator: https://xrplf.github.io/xrpl-node-configurator

When you say that your node won't start: What does it do instead? Do you get an error message?

Answer 2

The rippled service had no permissions to open the directory where I stored the SSL key.