In the default configuration myMPD encrypts traffic on port 443, set
false to disable encryption. If ssl is enabled, myMPD redirects port 80 to 443. If you want to install myMPD as an app in chrome you need ssl.
Certificates are checked at startup and if necessary created or renewed. myMPD maintains a CA certificate and a server certificate signed with this ca.
- Lifetime of the CA certificate: approximately 10 years
- Lifetime of the server certificate: 1 year
The validity of the server certificate is so short because browsers no longer trust certificates with long durations, even if they are self-signed. On startup myMPD checks the expiration date of the certificate and renews it if necessary.
The default certificates are saved in the directory
|ca.pem||Self signed CA certificate|
|ca.key||CA private key|
|server.key||Server private key|
The server certificates SAN is:
- DNS: localhost
- IP: 127.0.0.1
- IP: ::1
<full qualified hostname>
<ip of resolved hostname>
You can edit the file
/var/lib/mympd/config/ssl_san before starting myMPD to add additional names or ip addresses to the certificate, e.g.
To regenerate the server certificate stop myMPD, and remove the
You can download the CA certificate in the About dialog and import it in your operatingsystem or browser to avoid ugly ssl warnings and trust this ca. Do not import the server certificate.
You can of course use your own certificate, e.g. from Let’s Encrypt.
|ssl_key||path to custom ssl key|
|ssl_cert||path to custom ssl certificate|