For qbittorrent to register as a magnet handler it needs to be using TLS.
Create a Certificate Authority, add the CA Cert to your own PC's trusted store.
Then import it directly into Firefox.
Create a subsidiary cert with the URL of qbittorrent as the CN and also Alt name DNS Name and also the IP just in case.
Sign it with your CA cert, this part is made easier if you're using a cert authority software and not just raw openssl but you do you.
Copy the cert and key into qbittorrent and tell it to use the certs YAY.
OK but qbittorrent doesn't support both HTTP and HTTPS, so now Sonarr is complaining about cross security issues, so enable SSL for Sonarr.
Sonarr is made with C# and only supports PFX certs and also they haven't added a gui option to set it for some reason.
First create a cert for radarr like you did for qbittorrent.
Then turn it into a pem like this:
cp cert.crt cert.pem
cat cert.key >> cert.pemThen convert it to a PFX like this:
openssl pkcs12 -export -out sonarr.pfx -inkey sonarr.pem -in sonarr.pem -certfile sonarr.pemCopy that PFX file somewhere Sonarr can see it, then edit Sonar's config.xml and edit the SSL
SslCertPath value to point to your cert e.g.:<SslCertPath>/config/certs/sonarr.pfx</SslCertPath>I couldn't find that documented anywhere idk.
Anyway Sonarr still won't work because remember you're using your own CA because fuck buying a domain name. The host of Sonarr also needs to trust your CA, I sure hope you're using docker compose but that what this is about.
Create a shell script somewhere Sonarr can see it and put this inside:
#!/bin/sh
cp /config/certs/ca.crt /usr/local/share/ca-certificates/
update-ca-certificates/config/certs/ca.crt or wherever you want just amend the script for wherever you put it.Now add this to the Sonarr service in your docker compose file:
post_start:
- command: ./config/certs/update-ca.shI sure hope your container supports all that, good luck everyone, maybe a reverse proxy would've been easier after all hey.
#sonarr #dockercompose #certificates
CowMan 
