Skip to content

Using Certificates

This page instructs you on how to use pre-made certificates with PiCockpit, in case your place of business uses deep packet inspection (DPI).


Under most circumstances, users do not need to rely on this information. This page is only for users in need of certificate verification.


Please first install the proxy or DPI certificate on the client.

As some pre-requisites, please:

  • ensure that the certificate is not empty
  • ensure that permissions are in order
  • ensure that the certificate is located in the proper path

You can run this command to see that the certificates are set up properly:

ls -l  /usr/local/share/ca-certificates/


If the device appears on the web interface but does not appear as "connected", then there are a few potential issues.

It might have navigated the DPI correctly, but the certificate might not be in the service file or the PiCockpit configuration file.

A potential fix is to run the following in the terminal:

sudo systemctl stop picockpit-client

And then edit the environmental variables. If you do with this Nano as your text editor, run this:

sudo nano /etc/picockpit-client/env.json

And then edit it so it looks like the following:

"NODE_EXTRA_CA_CERTS" : "/path/to/your/certificat"

If you're using Nano, then you need to then hit Ctrl + X to save it.

Finally, run:

sudo systemctl daemon-reload
sudo systemctl start picockpit-client