I recently added a running copy of pi-hole onto a spare raspberry pi to test.
One thing I wanted to do was to make the admin view work with https.
This FAQ on enabling SSL has most of the information needed.
However - I am not using letsencrypt for this sort if internal setup - instead I have set up a local CA.
So - for this setup there were three steps:
Using the caman setup - add and sign a new certificate:
cd caman
./caman new pi-hole.my.local.domain
./caman sign pi-hole.my.local.domain
Now we need two files on the pi-hole machine.
ca/ca.crt.pem to /etc/lighttpd/fullchain.pemstore/pi-hole.my.local.domain/_date_/pi-hole.my.local.domain.keycrt.pem to /etc/lighttpd/combined.pemNote you need the keycrt.pem in combined - both key and certificate
Copy the suggested config from the FAQ and change the domain to pi-hole.my.local.domain.
At this point - when I did a config check (lighttpd -t -f /etc/lighttpd/lighttpd.conf) and it said I needed to enable the SSL module.
I did so with lighty-enable-mod ssl. However - this added two things to /etc/lighttpd/conf-enabled/10-ssl.conf (symlinked in from conf-available by the call to lighty-enable-mod) - the first loads the SSL module - the second tries to use a server.pem certificate on 0.0.0.0:443. I only want the module loading so I changed the file to simply be:
server.modules += ( "mod_openssl" )
And then restarted with service lighttpd restart
That was enough to get https://pi-hole.my.local.domain/admin to work.