By default, Traccar serves its web interface and API over the standard HTTP protocol, which does not provide encryption. This guide explains how to configure Traccar to use HTTPS with SSL/TLS encryption for secure traffic. While the examples focus on Ubuntu Linux, the same approach applies to other platforms.
Traccar does not natively support secure connections, but you can enable them by running it behind a proxy server. In this guide, we will use the Caddy server.
To obtain a valid SSL certificate, you need a registered domain name. See our documentation on how to register and configure a custom domain name for Traccar. If you don’t yet own a domain, we recommend Namesilo, which offers consistently low prices for both new registrations and renewals.
First, install the latest version of Caddy. The commands below are for Ubuntu and Debian. For other platforms, refer to the Caddy installation documentation.
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg chmod o+r /etc/apt/sources.list.d/caddy-stable.list sudo apt update sudo apt install caddy
Next, update the Caddy configuration file:
sudo nano /etc/caddy/Caddyfile
Paste the following content into the file, replacing demo.traccar.org with your domain:
demo.traccar.org { reverse_proxy localhost:8082 } :80 { reverse_proxy localhost:8082 }
Restart the Caddy service:
sudo systemctl restart caddy
If your domain is configured correctly, Caddy will automatically obtain and install an SSL certificate for it using Let’s Encrypt.