TLS Configuration

You have several options to control TLS settings for site deployed on DDEV-Live. TLS settings include the delivery of a Let's Encrypt SSL certificate and redirecting between http and https.

You can view the TLS and CERTIFICATE ISSUER sections of ddev-live config site output to view a site's configurations.

Disable TLS

The following example disables TLS for the mysite site in the ddev-demo organization.

$ ddev-live config tls mysite --tls-disable
Updated hostname settings for ddev-demo/mysite

The output of ddev-live describe site mysite will have an updated TLS section.
TLS Provider:
TLSDisable:         true
TLSDisableRedirect: false

It is advisable to disable the redirect if you would like to disable TLS. The site described in the output above has https disabled, but will attempt to redirect to https generating an error.

Disable TLS Redirect

The following example disables the TLS Redirect for the mysite site in the ddev-demo organization.

$ ddev-live config tls mysite --redirect-tls-disable
Updated hostname settings for ddev-demo/mysite

The output of ddev-live describe site mysite will have an updated TLS section.
TLS Provider:
TLSDisable:         true
TLSDisableRedirect: true

The site described above would not work on https and would work on http.

Enable TLS

The following example enables TLS for the mysite site in the ddev-demo organization.

$  ddev-live config tls mysite --tls-enable
Updated hostname settings for ddev-demo/mysite

The output of ddev-live describe site mysite will have an updated TLS section.
TLS Provider:
TLSDisable:         false
TLSDisableRedirect: true

The site described above would work on both http and https.

Enable TLS Redirect

The following example enables TLS redirects for the mysite site in the ddev-demo organization.

$ ddev-live config tls mysite --redirect-tls-enable
Updated hostname settings for ddev-demo/mysite

The output of ddev-live describe site mysite has will have an updated TLS section.
TLS Provider:
TLSDisable:         false
TLSDisableRedirect: false

The site described above would successfully redirect http traffic to https.


Last update: 2020-05-29