SSL / HTTPS
m1nd supports HTTPS with multiple certificate provisioning methods.
PFX/P12 Upload
Upload IIS-style certificate bundles directly from the browser:
- Passphrase-encrypted certificates supported
- Wildcard certificates supported
- Upload via Settings > SSL
Let's Encrypt
Automated certificate provisioning via ACME:
- Provisions certificates from Let's Encrypt automatically
- Handles renewal
- Configure via Settings > SSL > Let's Encrypt
Certificate Status
View current certificate details from the dashboard:
- Subject — certificate common name
- Expiry — expiration date
- Issuer — certificate authority
HTTPS Redirect
When SSL is active, enable optional HTTP → HTTPS redirect to ensure all traffic is encrypted.
Privileged Ports
m1nd binds ports 80 and 443 via CAP_NET_BIND_SERVICE — no root access needed. This is handled by the systemd service's AmbientCapabilities directive.
ini
AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN CAP_NET_BIND_SERVICE