Hi,
we have HTTPS between the Cockpit session helper and the Smart Proxy working now, but the details of where the session helper gets the certificates from are still open.
Documentation exists now and a couple of people have successfully run through them: https://github.com/mvollmer/foreman-cockpit/tree/master
Here is a demo with three machines, which also shows that error messages are getting better: https://www.youtube.com/watch?v=LVURfdfIuCs