You are currently viewing How to Configure SSL for Odoo? A Complete Guide

How to Configure SSL for Odoo? A Complete Guide

Follow Us On Whatsapp
Follow Us On Facebook

In today’s digital world, security is a top priority for businesses. When it comes to managing sensitive information, such as customer data, financial records, and other confidential business operations, securing your web application is crucial. Odoo, being one of the most popular open-source ERP platforms, is widely used by businesses across the globe to manage various aspects of their operations. To ensure that the communication between your Odoo server and clients is secure, configuring SSL (Secure Socket Layer) is essential.

In this guide, we’ll walk you through the steps needed to How to Configure SSL for Odoo instance, so you can ensure encrypted and secure communication for your users.

Also Read:

How to Configure SSL for Odoo: What is SSL and Why Is It Important for Odoo?

SSL (Secure Sockets Layer) is a standard security protocol used to establish an encrypted connection between a server and a client (usually a browser). It ensures that the data transmitted between the two parties is secure, preventing unauthorized access and data interception.

For Odoo, SSL helps in the following ways:

  • Data Encryption: SSL encrypts sensitive data transmitted between the user’s browser and the Odoo server, preventing eavesdropping.
  • Authentication: It ensures that the data is being sent to the correct server, not an imposter.
  • Improved Trust: A valid SSL certificate provides users with a sense of trust by displaying a “padlock” icon and HTTPS in the address bar of the browser.

Without SSL, data transmitted via HTTP can be intercepted and manipulated, making it easier for attackers to steal sensitive information. Therefore, configuring SSL for your Odoo server is a critical step for protecting your business and your users’ data.

Prerequisites

Before you begin configuring SSL for your Odoo instance, ensure that you meet the following prerequisites:

  1. A Domain Name: You need a domain name for your Odoo instance (e.g., https://yourcompany.com).
  2. A Server: Odoo should be installed and running on your server. It could be on a VPS, dedicated server, or cloud platform (like AWS, DigitalOcean, etc.).
  3. Root Access: You need root or sudo access to the server in order to install and configure SSL.
  4. A SSL Certificate: You can obtain an SSL certificate from a trusted certificate authority (CA) or use a free service like Let’s Encrypt.

Steps to Configure SSL for Odoo

Step 1: Install Certbot (For Let’s Encrypt SSL Certificate)

Let’s Encrypt is a free, automated, and open certificate authority that provides free SSL certificates. Certbot is a tool that helps automate the installation and renewal of Let’s Encrypt SSL certificates.

1.1. Update Your Server

First, make sure that your server is up-to-date. Run the following commands:

bash
sudo apt update
sudo apt upgrade
1.2. Install Certbot

To install Certbot, run the following commands:

bash
sudo apt install certbot python3-certbot-nginx

If you are using Apache instead of Nginx, you can install the Apache plugin like this:

bash
sudo apt install certbot python3-certbot-apache

Step 2: Obtain an SSL Certificate

Now, let’s obtain the SSL certificate for your domain using Certbot. You’ll need to ensure that your domain name is pointing to your server’s IP address, and your web server (Nginx or Apache) is properly configured.

For Nginx, use the following command to obtain and install the SSL certificate:

bash
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

For Apache, use:

bash
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

Follow the on-screen instructions, and Certbot will automatically configure SSL for your domain. It will also update your Nginx or Apache configuration to ensure that HTTPS is enabled.

Step 3: Configure Nginx for SSL (if using Nginx)

Once the SSL certificate is installed, you need to configure Nginx to handle HTTPS requests for your Odoo server. This is done by editing the Nginx server block configuration file.

3.1. Open the Nginx Configuration File

Edit the Nginx configuration file for your Odoo site. Typically, the file is located in /etc/nginx/sites-available/yourdomain.com.

bash
sudo nano /etc/nginx/sites-available/yourdomain.com
3.2. Modify the Configuration for SSL

Make sure your server block includes the SSL configuration. Here is an example of how it should look:

nginx
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;

# Redirect HTTP to HTTPS
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
server_name yourdomain.com www.yourdomain.com;

# SSL Configuration
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';

# Odoo configuration
location / {
proxy_pass http://127.0.0.1:8069;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}

In this configuration:

  • The first server block listens on port 80 and automatically redirects all HTTP traffic to HTTPS.
  • The second server block listens on port 443 (for HTTPS) and includes the paths to the SSL certificate and private key obtained by Certbot.
  • The proxy_pass directive forwards the request to the Odoo backend, which runs on port 8069.
3.3. Test the Configuration

After editing the configuration file, test it to ensure there are no syntax errors:

bash
sudo nginx -t
3.4. Reload Nginx

If the test is successful, reload Nginx to apply the changes:

bash
sudo systemctl reload nginx

Step 4: Configure Odoo to Use SSL (Optional)

Although Nginx or Apache is handling SSL termination, it’s still a good practice to let Odoo know that it’s running behind a reverse proxy (which is often the case when using Nginx or Apache). This ensures Odoo can correctly identify the protocol (HTTPS) used by the client.

To configure this in Odoo, edit the odoo.conf file:

bash
sudo nano /etc/odoo/odoo.conf

Add or modify the following line:

graphql
proxy_mode = True

This tells Odoo that it is behind a reverse proxy and will adjust its behavior accordingly.

Step 5: Test the SSL Configuration

After completing these steps, you should now be able to access your Odoo instance via HTTPS. Open your browser and navigate to:

arduino
https://yourdomain.com

You should see the Odoo login page with the “padlock” icon in the address bar, indicating that the connection is secure.

Step 6: Set Up SSL Renewal

Let’s Encrypt certificates are valid for 90 days, but Certbot automatically sets up a cron job to renew the certificate before it expires. To check that the renewal process is working correctly, run:

bash
sudo certbot renew --dry-run

This command will simulate the renewal process and ensure everything is set up properly.

Conclusion

Securing your Odoo instance with SSL is an essential step in safeguarding your business data and ensuring that your users can trust your platform. By following this guide, you can easily configure SSL for your Odoo server, whether you are using Nginx or Apache, and take advantage of free, automated SSL certificates from Let’s Encrypt.

With SSL configured, your Odoo instance will be more secure, providing encrypted communication between the server and clients, and enhancing the overall trustworthiness of your business.

For more information about the How to Configure SSL for Odoo: visit this link.

If you want to Free Trail Zoho, click on this link.

Tags: , , ,

Yasir Baig

My name is Mirza Yasir Baig. As an experienced content writer and web developer, I specialize in creating impactful digital experiences. With expertise in WordPress programming and the MERN stack, I have built and managed various web platforms, including the different a dedicated resource for both Pakistani and international students seeking quality courses and training programs. My work is driven by a passion for education and technology, ensuring that content is not only engaging but also optimized for search engines (SEO) to reach a wider audience.

Leave a Reply