Custom Domain Setup

To secure communication between your users and the Orangescrum server, it’s highly recommended to enable HTTPS.

Option 1: Let’s Encrypt (Recommended)

For production:

sudo apt install certbot python3-certbot-apache -y

sudo certbot –apache -d projects.yourdomain.com

This automatically issues a free SSL certificate and updates your Apache configuration.

Option 2: Self-Signed SSL (for Testing)

For testing or private networks:

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout /etc/ssl/private/yourdomain.key \
-out /etc/ssl/certs/yourdomain.crt

Then configure Apache/Nginx as a reverse proxy to forward HTTPS traffic to the Orangescrum app (usually running on port 8080):

<VirtualHost *:443>

    ServerName projects.yourdomain.com

    SSLEngine On

    SSLCertificateFile /etc/ssl/certs/yourdomain.crt

    SSLCertificateKeyFile /etc/ssl/private/yourdomain.key

    ProxyPass / http://localhost:8080/

    ProxyPassReverse / http://localhost:8080/

</VirtualHost>

DNS Tip: Ensure an A-record for projects.yourdomain.com points to your server’s IP address before enabling SSL.