lego
certwarden-backend
lego | certwarden-backend | |
---|---|---|
56 | 4 | |
7,324 | 17 | |
1.9% | - | |
8.9 | 9.5 | |
8 days ago | 12 days ago | |
Go | Shell | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
lego
-
Take a look at traefik, even if you don't use containers
This is one area where I've found nixos to be really helpful. I can set this up with just adding some lines to the configuration.nix (which uses [lego](https://github.com/go-acme/lego) and letsencrypt in the backend):
```nix
-
Dehydrated: Letsencrypt/acme client implemented as a shell-script
Self contained but hardly a tiny supply chain attack surface: https://github.com/go-acme/lego/blob/master/go.sum
-
Running one’s own root Certificate Authority in 2023
This ACME client looks promising, but I haven’t tried it yet: https://github.com/go-acme/lego
-
I am once again asking that "web" and "fullstack" developers...
My favorite method of obtaining certificates is with lets encrypt and LEGO
-
Where do you get/setup certificates from for your https/ssl?
Caddy where possible, and acme.sh or lego where not.
- Anyone using WireGuard with a domain name? Any ideas to lower the bills?
- Acme.sh runs arbitrary commands from a remote server
-
How do you renew SSL certificates?
Depend on host's capability... - lego - dehydrated - caddy - in case it already works as a web server, it will automatically issue and renew certs
- Automating LE renewals with dns-01?
-
LeGo CertHub v0.9.0 with Docker Support
u/gregtwallace maybe in the short term until you write your own, you could provide a hook into one of the many ACME client implementations which do DNS-01 and support the majority of major DNS provider APIs out of the box? That would make your (really great!) project much more widely usable.
certwarden-backend
- LeGo CertHub v0.9.0 with Docker Support
-
LeGo CertHub - Centralized Let's Encrypt
The Linux version of the server is bundled with a few scripts, including an install script: https://github.com/gregtwallace/legocerthub-backend/blob/master/scripts/linux/install.sh. There are also a lot of screenshots on the website and usage instructions.
What are some alternatives?
letsencrypt - Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
ssl_get - A script that helps distribute/update local SSL certs from a centrally managed remote location via SCP or FTP. This allows reducing exposure to external services by retrieving SSL (wildcard) certificates from a single ACME instance (e.g.) or a pfsense/opnsense box. Useful for local network Split-Brain-DNS Setups or for Demilitarized Zones (DMZ).
acme.sh - A pure Unix shell script implementing ACME client protocol
certificate-scripts
acme-dns - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
autocert - [mirror] Go supplementary cryptography libraries
certwarden - Cert Warden is a centralized ACME Client. It provides an API for certificate consumers to fetch their individual keys and certs with API keys.
acmetool - :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
ACL - A simple but powerful Access Control List manager
go-acl - Go support for Access Control Lists