Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
ssl_get
A script that helps distribute/update local SSL certs from a centrally managed remote location via SCP or FTP. This allows reducing exposure to external services by retrieving SSL (wildcard) certificates from a single ACME instance (e.g.) or a pfsense/opnsense box. Useful for local network Split-Brain-DNS Setups or for Demilitarized Zones (DMZ).
This complexity is why I created LeGo CertHub. LeGo CertHub is a self-hosted application that manages private keys, ACME accounts, and certificates via a user friendly web app. It then serves the keys and certificates via API calls secured with an API key. Key/Cert clients make API calls to the server to fetch their respective files. Example client scripts: https://github.com/gregtwallace/certificate-scripts. Note that error handling in these scripts isn't great, but they mostly get the job done.
The Linux version of the server is bundled with a few scripts, including an install script: https://github.com/gregtwallace/legocerthub-backend/blob/master/scripts/linux/install.sh. There are also a lot of screenshots on the website and usage instructions.
Nice. I did something similar with this: https://github.com/Sieboldianus/ssl_get
It's named after https://github.com/go-acme/lego it seems, which has been around for a while.
Related posts
- I am once again asking that "web" and "fullstack" developers...
- Anyone using WireGuard with a domain name? Any ideas to lower the bills?
- Automating LE renewals with dns-01?
- Searching for a solution to get letsencrypt and traefik working for my local nas
- Introducing lers: an async, user-friendly Let's Encrypt/ACMEv2 library