SSL certificates

Add SSL certificates to your virtual machines.


Instruqt can automatically generate SSL certificates for VMs using Let's Encrypt. Automatic SSL certificate generation simplifies the process of securing virtual machines within your Instruqt sandbox environments.

Add SSL certificates

You can add an SSL certificate to a VM using the web UI or the Instruqt CLI.

  1. Select a VM in your track's sandbox.

  2. Click Show optional settings.

  3. Select Provision SSL certificate.

  4. Click Save host.

Enable external ingress to port 443 (HTTPS) or high-ports on the VM to make use of the new certificates.

Use SSL certificates

When enabled, Instruqt will provision a certificate for the following domain names:

  • ${hostname}.${_SANDBOX_ID}

  • *.${hostname}.${_SANDBOX_ID}

The certificate is made available via the GCP metadata service for that virtual machine instance. The public key is available under the ssl-certificate attribute, the private key under the ssl-certificate-key attribute. You can download them using a curl statement to the metadata service.

Here is an example of how to retrieve the SSL certificate using curl:

curl -s -o /etc/ssl/certs/sandbox.crt -H "Metadata-Flavor: Google" \
curl -s -o /etc/ssl/private/sandbox.key -H "Metadata-Flavor: Google" \

The certificates can retrieved and configured using a track or challenge's setup scripts.

Last updated