#How to add HTTPS to a new self-hosted Digital Ocean Droplet.

How can I add https to a new self-hosted digital ocean droplet. http link to the ip address shows "Not secure" on the chrome browser and using HTTPS gives a error NET::ERR_CERT_AUTHORITY_INVALID on chrome.
Also, I am not planning to add a domain to it and keep using the ip in the mobile application. Is this ok to do ?
Although, the project this appwrite droplet supports can have a domain in the future.

You don't have a domain yet?

It's always recommended to issue an SSL cert to a domain, and not to an IP address.

Using the IP is not an issue technically, it's just a matter of best practice imo.

Also, you lose the functionality of sub-domains without a domain

Here's a stackoverflow post: https://stackoverflow.com/questions/2043617/is-it-possible-to-have-ssl-certificate-for-ip-address-not-domain-name

yes, I do not have a domain yet.

The entire concept of "issuing ssl" is new to me. I saw that LetsEncrypt issues it for 90 days and it needs to be renewed after that but not how it is renewed. And also is certificate something that is saved on server ? I wanted a simple solution so I can secure my appwrite instance and go back to creating apps which is my strong suit.

Ah okay. Well, SSL certificates are usually issued to a domain, and not the IP address it's mapped to.

So if you have a a domain example.com that points to 1.2.3.4, you can get an SSL cert for example.com but not for 1.2.3.4..

As for the Let's Encrypt certificates, it depends on how you install them initially. You're right that certificates are stored on the server. There is a service called certbot that can be installed on Linux, which issues Let's Encrypt certificates for the domain of your choice, and even sets up auto-renewal.

Edited and created a new reply to refer to above response.

A little out of context question : On one of my other projects, my web developer added a godaddy domain to Cloudflare and some A and CNAME entries into the DNS there and set "Allow only https" option on Cloudflare to YES which converted all http requests on browser to https. Did Cloudflare setup the ssl in that case.

Probably yes.

I think there should be one recommended and fully documented way to setup Appwrite for production including backing up db, and then let the users decide if they want to follow it or set it in their own way.

https://appwrite.io/docs/self-hosting

I have read those docs, I am talking about getting more in-depth steps.