Using Let's Encrypt SSL certificates

Christopher Dakin

Introduction

LogonBox supports the creation of free SSL Certificates from Let's Encrypt.

This article details the setup of a single hostname certificate.

 

Pre-requisites

1. You need to install the Let's Encrypt feature from Updates, Features & Licensing in the top right menu.

Click the download button, then restart the service from the power icon at bottom right.

2. Your LogonBox server will also need to be accessible over port 80 as Let's Encrypt servers will communicate to the LogonBox server over this port to validate the certificate request.

3. The DNS hostname you are setting the certificate up for needs to resolve to the IP of your LogonBox server.

 

Creating a Let's Encrypt SSL certificate

Navigate to the Certificates menu in the left menu, then click Create Certificate.

You can change the certificate algorithm with Certificate Type, or leave as default 2048 bits.

Change the Certificate Provider to Lets Encrypt.

 

Click the Certificate tab.

Complete all fields as appropriate for your organisation.

The CN needs to be the fully qualified hostname that your users will be accessing LogonBox on.

Click Create to create the new certificate.

 

Your new certificate should now appear in the certificates list.

 

Configuring LogonBox to use the new certificate

Navigate to System Configuration in the top right menu, then Interfaces.

Edit the Default HTTPS interface.

 

Click the Protocol tab and select your new certificate in the Certificate dropdown.

Click Update to save the settings.

 

Now restart the service via the power icon at bottom right.

Note that the web page will not auto-reload as it's going to be presenting a new cert, so give the server a couple of minutes to restart then hit refresh to get things going again with the new cert.

Your browser should now present the new certificate and it should showing as secure.