Chainlink Developers

Welcome to the Chainlink documentation site. You'll find comprehensive guides and documentation to help you start working with Chainlink as quickly as possible, as well as support if you get stuck. Click here for an introductory walkthrough on how to create a Chainlink request on the Ropsten test network!

Enabling HTTPS Connections

In the Running a Chainlink Node guide, the environment variable CHAINLINK_DEV is set to true. This allows for normal HTTP connections, but isn't secure in a production environment. This guide will walk you through how to generate your own self-signed certificates for use by the Chainlink node. You can also substitute self-signed certificates with certificates of your own, like those created by Let's Encrypt.

You will need OpenSSL in order to generate your own self-signed certificates.

Run this command to create a server.cert and server.key file in the current directory:

openssl req -x509 -out server.crt  -keyout server.key \
  -newkey rsa:2048 -nodes -sha256 \
  -subj '/CN=localhost' -extensions EXT -config <( \
   printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")

Create a directory tls/ within your local Chainlink directory:

mkdir ~/.chainlink-ropsten/tls
mkdir ~/.chainlink-rinkeby/tls
mkdir ~/.chainlink-kovan/tls

Now copy the server.crt and server.key files into that directory:

cp server.crt ~/.chainlink-ropsten/tls/server.crt
cp server.key ~/.chainlink-ropsten/tls/server.key
cp server.crt ~/.chainlink-rinkeby/tls/server.crt
cp server.key ~/.chainlink-rinkeby/tls/server.key
cp server.crt ~/.chainlink-kovan/tls/server.crt
cp server.key ~/.chainlink-kovan/tls/server.key

Next, add the TLS_CERT_PATH and TLS_KEY_PATH environment variables to your .env file.

echo "TLS_CERT_PATH=/chainlink/tls/server.crt
TLS_KEY_PATH=/chainlink/tls/server.key" >> .env

If CHAINLINK_TLS_PORT=0 is present in your .env file, remove it by running:

sed -i '/CHAINLINK_TLS_PORT=0/d' .env
sed -i '' '/CHAINLINK_TLS_PORT=0/d' .env

Finally, update your run command to forward port 6689 to the container instead of 6688:

Note: Remove --link eth if you are not running your Ethereum client following this guide.

docker run --link eth -p 6689:6689 \
           -v ~/.chainlink-ropsten:/chainlink \
           -it --env-file=.env \
           smartcontract/chainlink n
docker run --link eth -p 6689:6689 \
           -v ~/.chainlink-rinkeby:/chainlink \
           -it --env-file=.env \
           smartcontract/chainlink n
docker run --link eth -p 6689:6689 \
           -v ~/.chainlink-kovan:/chainlink \
           -it --env-file=.env \
           smartcontract/chainlink n

Now when running the node, you can access it by navigating to https://localhost:6689 if running on the same machine.