how to enable synapse tls in freebsd14.1 ?

[fff2024g]

Dear all :
i have create matrix chat server with py311-matrix-synapse-1.116.0 in freebsd14.1 . but i want to enable tls support for chat encrypt .......how to generate below pem ? thanks.
tls_certificate_path:?????.pem
tls_private_key_path:?????.pem

did i add those lines to my homeserver.yaml can be enable tls ? thanks.

 

[SirDice]

Only internally? Or does it need a 'proper' SSL/TLS certificate? If you're only using this internally you could generate self-signed certificates.

 

[fff2024g]

Only internally? Or does it need a 'proper' SSL/TLS certificate? If you're only using this internally you could generate self-signed certificates.

Dear sirdice:
thanks. i just build this for test . below is the synapse info .
TLS:
This option specifies a PEM-encoded X509 certificate for TLS. This certificate, as of Synapse 1.0, will need to be a valid and verifiable certificate, signed by a recognised Certificate Authority. Defaults to none.

Be sure to use a .pem file that includes the full certificate chain including any intermediate certificates (for instance, if using certbot, use fullchain.pem as your certificate, not cert.pem).

and i have try below command for pem. but it's not work for me
openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout private_key.pem -out mycert.pem -days 3650
tls_certificate_path:mycert.pem
tls_private_key_path: private_key.pem


i don't know how to build the pem and key . can you show me the step ? thanks.