LeGo CertHub
LeGo CertHub
InstallConfigureServer UsageClient UsageDownloadAuthorSource

Configure

LeGo Certhub has a config.yaml file to set various operational parameters. This page details each parameter's name and functionality. A lot of similar information is contained with in the config.default.yaml.

hostname

hostname sets the name of the host that LeGo will bind to. This should be a hostname and not an ip address due to ssl needs, but an ip address will technically work to get the server started.

https_port & http_port

These ports specify the port number to bind the LeGo server to. This is both the API backend as well as the frontend (if the backend is serving the frontend).

enable_http_redirect

If this is true, when the server is running on https, an additional server will be started on http to redirect to https.

log_level

Self-explanatory log level. This applies to both console and file logging.

serve_frontend

If true, LeGo server will also host the frontend. That is, on the API endpoint server there will be a path /app that will serve the UI. Generally this should be true unless you are doing advanced configuration.

private_key_name & certificate_name

These define the key and certificate pair names that LeGo will use to run in https mode.

dev_mode

Enabled debug logging and some other minor tweaks to how the server operates. Generally only use this if you are trying to troubleshoot something. Do not leave this on in production.

orders

This section contains options the change how automatic refreshing of certificates functions.

auto_order_enable

Generally should always be true. This makes the server automatically place new orders when old orders are aging out.

valid_remaining_days_threshold

The number of remaining valid days on a certificate before the server places a new order for that certificate.

refresh_time_hour & refresh_time_minute

The time the daily refresh task should run.

challenges

This section contains options relating to how challenges are solved.

dns_checker: dns_services: primary_ip & secondary_ip

This array defines the DNS servers that LeGo will use to check for DNS propagation when using a dns challenge solving method. Only a primary_ip is necessary but if a particular provider has a secondary that can also be specified.

providers

This section has various options to configure different providers. See the config.default.yaml for more details.