⚠️ Advanced users

Generating an SSL Certificate for Nestri Relay

This guide is for developers and advanced users who wish to self-host Nestri Relay. We strongly discourage this setup for general users due to its complexity, particularly when it comes to configuring SSL certificates correctly. Using a self-signed certificate or manually generating certificates can lead to issues with browser compatibility and security warnings, making it difficult to ensure a smooth experience.

For most users, we highly recommend using the Nestri-hosted Relay, which requires no manual setup and is ready to use out of the box.

Generating an SSL Certificate Using Terraform

If you still wish to proceed with self-hosting, we recommend using Terraform to generate a valid SSL certificate. This method provides a secure, automated way to obtain the necessary certificates for Nestri Relay.

Usage

Update the terraform.tfvars file with your domain and email.
Run the following command to initialize the Terraform working directory:
```
terraform init
```
```
terraform plan
```
```
terraform apply
```

The configuration provides two sensitive outputs:

certificate_pem: The full certificate chain
private_key_pem: The private key for the certificate

These can be then be used in your moq-relay as it requires SSL/TLS certificates.

Note

The generated certificate and key files are saved locally and ignored by git:

.terraform
relay_*

Edit this page on GitHub

Nestri RelayDeploy Moq

Nestri RelayMoq Tester