Changing the default domain name

Support
1

I have no success changing the domain name from community.tao.internal to anything else.

I have followed the instructions here: Custom Domain name - TAO Community Edition

However this ends up with me not being able to connect to TAO instance due to SSL error:

  • Connected to my.custom.domain (127.0.0.1) port 443
  • ALPN: curl offers h2,http/1.1
  • TLSv1.3 (OUT), TLS handshake, Client hello (1):
  • TLSv1.3 (IN), TLS alert, internal error (592):
  • OpenSSL/3.0.13: error:0A000438:SSL routines::tlsv1 alert internal error
  • Closing connection
    curl: (35) OpenSSL/3.0.13: error:0A000438:SSL routines::tlsv1 alert internal error

As far as I can understand it is because the TLS certificate for my.custom.domain does not exist inside the container. Can I create a self-signed one? Where should it be placed? In which configuration file should it be referenced?

2

Hello, and welcome to TAO Community,

certificate is automatically provisioned and self-signed by Caddy when none is provided.

If you want to provision yours, you can eventually mount your own Caddy configuration in /etc/tao-ce/config/Caddyfile, based on this file tao-ce/etc/tao-ce/config/Caddyfile at main · tao-ce/tao-ce · GitHub ; in tls directive tls (Caddyfile directive) — Caddy Documentation . However, we only had few experiment on this, and we do not have full documentation yet.

Regarding the error message you added, it seems you are testing with curl.

  • Did you reinstall TAO Community Edition after applying changes ? (some configuration need to be regenerated)
  • Did you add -k flag on curl to skip errors due to self-signed certificate ?