> For the complete documentation index, see [llms.txt](https://documentation.hak5.org/cloud-c2/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://documentation.hak5.org/cloud-c2/guides/cloud-c-setup-with-self-signed-ssl-certificates.md). # Cloud C² Setup with Self-Signed SSL certificates By default when using the `-https` flag with the Cloud C² binary, a Let's Encrypt certificate will be used. In the case that you wish to provide a self-signed certificate, please note the following additional deployment details: 1\) When generating the certificate, the Common Name must be the IP address or FQDN of the server. See this example: ``` Our self-signed certificate was generated like this: (192.168.0.119 is the IP address of the machine running the Hak5 Cloud C2 server) openssl req -newkey rsa:2048 -x509 -sha256 -days 3650 -nodes -out cert.crt -keyout cert.key Country Name (2 letter code) [AU]:GB State or Province Name (full name) [Some-State]:Manchester Locality Name (eg, city) []:Manchester Organization Name (eg, company) [Internet Widgits Pty Ltd]:Hak5 Organizational Unit Name (eg, section) []:Developers Common Name (e.g. server FQDN or YOUR name) []:192.168.0.119 Email Address []:shop@hak5.org ``` \ 2\) When provisioning the device, in addition to copying the `device.config` file to `/etc/`, the generated `cert.crt` must be appended to the `cert.pem` file in `/etc/ssl/`. ``` 1) SCP the resulting cert.crt to your devices, in "/etc/ssl/certs" 2) SSH into your device 3) Execute "cd /etc/ssl" 4) Execute "cat certs/cert.crt >> cert.pem" 5) Reboot the device The device should now successfully check-in to the Hak5 Cloud C2 ``` \ 3\) the command line arguments should be passed in the order `-hostname`, `-https`, `-keyFile` and `-certFile` ``` ./c2-3.2.0_amd64_linux -hostname 192.168.0.119 -https -keyFile /var/hak5c2/cert.key -certFile /var/hak5c2/cert.crt ``` {% hint style="info" %} From version 3.0.0 onward all, Cloud C² editions (Community, Edition, Teams) use the same binary. Filenames for Cloud C² will differ from example — however all parameters remain the same. {% endhint %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://documentation.hak5.org/cloud-c2/guides/cloud-c-setup-with-self-signed-ssl-certificates.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.