Instruqt Docs
  • 🚩Getting started
    • Overview
    • Setting up
      • Study Room
    • Quickstart
  • 🛤️Tracks
    • Manage tracks
      • Create tracks
      • Edit locally
      • Test tracks
      • Track logs
      • Track time limits
      • Track feedback
      • Developer workflow
      • Track tags
      • Track authors
      • Delete tracks
      • Custom layouts
      • Version control
      • Loading experience
    • Challenges
      • Create challenges
      • Challenge tabs
      • Challenge order
      • Skip challenges
      • Add quizzes
      • Assignment display
      • Assignment editor
    • Share tracks
      • Live Events
        • Instructor tools
      • Track invites
      • Embed tracks
      • Landing pages
  • 🏖️Sandboxes
    • Overview
    • Sandbox hosts
      • Add hosts
      • Custom VM images
      • Custom container images
      • Public images
      • Windows VMs
      • Website service
      • SSL certificates
    • Cloud accounts
      • Securing your cloud accounts
      • Cloud Client
      • AWS accounts
        • AWS Environment Variables
        • AWS Managed Policies
        • AWS IAM Policies
        • AWS SCP Policies
      • Azure subscriptions
        • Azure Environment Variables
        • Azure Roles
        • Azure Resource Providers
      • GCP projects
        • GCP Environment Variables
        • GCP IAM Permissions
    • Lifecycle scripts
      • Scripting overview
      • Track scripts
      • Challenge scripts
      • Example scripts
      • Helper scripts
    • UI Checks
    • Global Sandbox Settings
      • Hot start
      • Sandbox presets
      • Custom resources
      • Cloud services and regions
        • Allowed services and regions
    • Secrets and variables
      • Runtime variables
      • Runtime parameters
      • Secrets
  • ⚙️Settings
    • Integrations
      • Salesforce (Beta)
      • HubSpot (Beta)
      • HubSpot (Using zapier)
      • LTI
      • Version control
        • GitHub
    • Authentication
      • SSO
      • API keys
    • Platform
      • API
      • Webhooks
      • Track limits
  • 💡Reference
    • Feature overview
    • Instruqt CLI
      • Commands
      • Configuration files
      • Assets
    • Instruqt platform
      • Networking
      • Host machine types
      • Quotas and limits
      • Roles and permissions
      • Network access
      • Requirements
  • 🛟Resources
    • Content design tips
    • Advanced use cases
    • Templates
    • FAQ
      • Running Windows Client Hosts on Instruqt
      • Using Cleanup Scripts in SaaS and Cloud Environments
      • Instruqt Regional Configurations and Restrictions
      • Troubleshooting Instruqt CLI Authentication Issues
      • Copy a Track from One Organization to Another via CLI
      • Network Configuration: IP and MAC Address Control
      • Container Troubleshooting in Instruqt
Powered by GitBook
On this page
  • Overview
  • Add SSL certificates
  • Use SSL certificates

Was this helpful?

Edit on GitHub
  1. Sandboxes
  2. Sandbox hosts

SSL certificates

Add SSL certificates to your virtual machines.

PreviousWebsite serviceNextCloud accounts

Last updated 1 year ago

Was this helpful?

Overview

Instruqt can automatically generate SSL certificates for VMs using . Automatic SSL certificate generation simplifies the process of securing virtual machines within your Instruqt sandbox environments.

Add SSL certificates

You can add an SSL certificate to a VM using the web UI or the Instruqt CLI.

  1. Select a VM in your track's sandbox.

  2. Click Show optional settings.

  3. Select Provision SSL certificate.

  4. Click Save host.

  1. Within a track's config.yml file, add the provision_ssl_certificate flag to a virtualmachine config to enable SSL certificate generation:

    config.yml
    
    version: "3"
    virtualmachines:
    - name: host01
      image: ubuntu-minimal-2004-lts
      shell: /bin/bash
      machine_type: n1-standard-1
      allow_external_ingress:
      - http
      - https
      - high-ports
      provision_ssl_certificate: true

Enable external ingress to port 443 (HTTPS) or high-ports on the VM to make use of the new certificates.

Use SSL certificates

When enabled, Instruqt will provision a certificate for the following domain names:

  • ${hostname}.${_SANDBOX_ID}.instruqt.io

  • *.${hostname}.${_SANDBOX_ID}.instruqt.io

The certificate is made available via the for that virtual machine instance. The public key is available under the ssl-certificate attribute, the private key under the ssl-certificate-key attribute. You can download them using a curl statement to the metadata service.

Here is an example of how to retrieve the SSL certificate using curl:

curl -s -o /etc/ssl/certs/sandbox.crt -H "Metadata-Flavor: Google" \
    "http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssl-certificate"
curl -s -o /etc/ssl/private/sandbox.key -H "Metadata-Flavor: Google" \
    "http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssl-certificate-key"

The certificates can retrieved and configured using a track or challenge's .

🏖️
Let's Encrypt
GCP metadata service
setup scripts