If your API's SSL certificates are signed by an internal CA, Retool refuses to connect over HTTPs unless you configure Retool to trust your CA. You do this by setting
NODE_EXTRA_CA_CERTS to the absolute path of your certificate files. The files need to include one or more trusted certificates in PEM format.
With Docker Compose deployments, you need to store the certificate as a file on the filesystem, and then mount that file to the
- Create a subdirectory in your
- Save your internal certificate in PEM format to
- Configure the following
version: '2' services: api: image: tryretool/backend:latest env_file: ./docker.env ... volumes: - ./ssh:/retool_backend/autogen_ssh_keys - ./ca:/retool_backend/ca db-connector: ... volumes: - ./ca:/retool_backend/ca
NODE_ENV=production ... NODE_EXTRA_CA_CERTS=/retool_backend/ca/cert.pem ...
The process for Kubernetes and other deployment options are similar to Docker Compose, but you might have different options depending your infrastructure. For example, with Kubernetes you can use Kubernetes Secrets, and with Heroku you can extend the Dockerfile to copy the certificate into the container.
Updated 14 days ago