SSL encryption on accessing Tryton with Client


I have the need to encrypt the communication in the internal network between the Tryton instance (Ubuntu, no docker)

How has the file for the combined cert to be generated that Tryton will accept it?

I have here:

  • CA CERT of the ssl provider
  • intermediate CERT consisting of three Certs inside
  • our Cert for our domain
  • the key file

How have these files to be concatenated that Tryton will accept it?
Is there a logfile where I can look if the Cert throws an error in Tryton?

In my trytond.conf I have the follwing:

privatekey = /etc/ssl/xyz/mydomain.key
certificate = /etc/ssl/xyz/mydomain.chained.crt



You can find information about werkzeug and ssl on Serving WSGI Applications — Werkzeug Documentation (3.0.x)

But using the builtin server for production is not recommended, the server is only for development purpose.
You should setup a reverse-proxy which should manage the encryption.

Also if you are using a private CA, you may need to add it to the tryton configuration.