Secure Connection

By default, Traccar serves its web interface and API over the standard HTTP protocol, which does not provide encryption. This guide explains how to configure Traccar to use HTTPS with SSL/TLS encryption for secure traffic. While the examples focus on Ubuntu Linux, the same approach applies to other platforms.

Traccar does not natively support secure connections, but you can enable them by running it behind a proxy server. In this guide, we will use the Caddy server.

To obtain a valid SSL certificate, you need a registered domain name. See our documentation on how to register and configure a custom domain name for Traccar. If you don’t yet own a domain, we recommend Namesilo, which offers consistently low prices for both new registrations and renewals.

First, install the latest version of Caddy. The commands below are for Ubuntu and Debian. For other platforms, refer to the Caddy installation documentation.

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg
chmod o+r /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

Next, update the Caddy configuration file:

sudo nano /etc/caddy/Caddyfile

Paste the following content into the file, replacing demo.traccar.org with your domain:

demo.traccar.org {
  reverse_proxy localhost:8082
}
:80 {
  reverse_proxy localhost:8082
}

Restart the Caddy service:

sudo systemctl restart caddy

If your domain is configured correctly, Caddy will automatically obtain and install an SSL certificate for it using Let’s Encrypt.