news Version 0.8.4.0 Released (27th May 2026) - v0.8.4 Community Hotfix: backup, update, Web Console, and firewall fixes.
logo ASA Server Manager
logo ASA Server Manager
Installing HTTPS Certificates for the Web UI (AASM v0.8.3) | ARK Ascended Server Manager

Installing HTTPS Certificates for the Web UI

Self-signed cert in one click, plus how to install it as trusted

If you only access the Web UI from the host PC, plain HTTP is fine. The moment you access it over LAN (let alone WAN), you want HTTPS so passwords and session cookies aren't in the clear. AASM v0.8.3 ships a one-click Install Certificates button that generates a self-signed root CA + a server cert for the Web UI - and optionally installs the root into Windows' trusted store so your browser stops warning.

Prerequisites:

  • Web UI already enabled and working over HTTP.
  • AASM admin role.
  • You'll be running PowerShell with elevation (Windows UAC prompt).

Step 1 - Open Maintenance → Maintenance & Management

Server tab (any server) → Maintenance sub-tab → Maintenance & Management. Scroll to the Quick Actions & Management card → SYSTEM OPERATIONS section.

Step 2 - Click Install Certificates

The cyan Install Certificates button (next to Open Firewall Ports) generates the cert chain. Windows will prompt for elevation - approve it.

AASM creates a self-signed root CA + a server certificate bound to the host PC's common names (e.g. localhost, the LAN IP, the machine's hostname). The certs are stored next to AASM's data directory.

Step 3 - Configure Web UI to use HTTPS

Open the App Settings dialog → Web UI section. If a Use HTTPS toggle appears (it should now that the cert exists), enable it. The Web UI restarts and now listens on the same port over TLS.

Step 4 - Reconnect with https://

Update the URL you use to reach the Web UI:

https://192.168.1.42:3000

First visit, the browser will show a "Not secure" warning because the root CA isn't trusted yet. Step 5 fixes that.

Step 5 - Install the root CA into your trust store

On the AASM host PC, the root CA was already installed during step 2 (Windows trusted-root store). On other devices (your laptop, phone, etc.) you need to install it manually:

  • Copy the root CA file from the AASM host (location shown in Maintenance after install) to the device.
  • Windows other PC: double-click the .crt → Install Certificate → Local Machine → Trusted Root Certification Authorities.
  • macOS: double-click → Keychain Access → drag into System keychain → set to Always Trust.
  • Android/iOS: email yourself the .crt and install via the device's Settings → Security → CA install flow.

Self-signed certs are fine for LAN. For real WAN exposure, get a Let's Encrypt cert via your domain name and point AASM at it (advanced; see the Discord for help).

Installing HTTPS Certificates for the Web UI - done

The Web UI is now served over HTTPS with a self-signed cert. Trust the root on every device you connect from to silence the browser warning.

Related Guides

Setting Up the Web UI

Get the Web UI enabled first.

View Guide
Roles & Permissions

Lock down user accounts before exposing the Web UI.

View Guide
Open Firewall Ports

Different operation - this is the per-server game ports.

View Guide
View Documentation Get Support