LeGo CertHub

Installation

Download

LeGo CertHub can be obtained here. Download it and unpack it on the desired host.

Install

LeGo is compact and runs from one binary. To install it simply create a folder and place all of the files from the release package in it.If you want it running as a service (which you probably do) all you have to do is configure a service to run the executable.

For linux installation there is an install script in the scripts folder. After unpacking the release package, run ./install.sh as superuser (e.g. sudo) and the rest is done for you.

Configure

Create config.yaml in the same path as the LeGo executable. This file may already exist if you used an install script. Edit this file to suit your needs. Options are explained in config.default.yaml

In particular, you should pay special attention to the ports you're running the server on as well as the challenge methods. You may need to make changes to your dns, router, and firewall configurations. A basic understanding of ACME is needed to properly configure these settings and is beyond the scope of this documentation. If you want to bind to privileged ports (e.g. 80) you may need to make additional modifications to your host.

Once your config is complete, restart the LeGo server.

Enable SSL

Once logged in, create a new key.

Create a new account with that key. After creation, click 'Register'.

Create another new key. This key is for the LeGo server.

Create the certificate for the LeGo server.

Finally, place a new order for the certificate and wait for the order to be fulfilled. Refresh after a short wait and your order should be valid. If it isn't, check your challenges configuration, dns, router, and firewall settings.

Update SSL Config

If the key and certificate are named 'legocerthub' no config update is needed. Otherwise, set the names in config.yaml. Restart LeGo for SSL to become active.

Go to Settings and change the default password. Now you are all set to begin populating other keys and certificates.