Let’s Encrypt, a non-profit organization, provides free, automated, and open-source Transport Layer Security (TLS)/Secure Sockets Layer (SSL) certificates. These certificates are essential for enabling HTTPS, the secure protocol used by websites to protect data transmission.
Let’s Encrypt operates through the Automated Certificate Management Environment (ACME) protocol, a standardized approach for issuing and managing SSL/TLS certificates. When a website owner requests a certificate, their server communicates with Let’s Encrypt’s certificate authority (CA) to prove control over the domain. Once control is verified, the CA issues a certificate, which is then installed on the website’s server.
SKUDONET implements a Let’s Encrypt integration. It functions similarly to certbot, a free, open-source software that automates the process of obtaining and managing Let’s Encrypt certificates. SKUDONET provides a user-friendly interface and simplifies the issuance, configuration, and renewal of certificates against Let’s Encrypt. SKUDONET interacts with Let’s Encrypt’s CA through the ACME protocol to request, install, and renew certificates.
The image below shows a list of SSL certificates generated by Let’s Encrypt and saved on the SKUDONET ADC.
Common Name (CN): The fully qualified domain name (FQDN) of the server that the certificate is valid for. For example, test3.test.skudonet.io, example.com, or mail.domain.com.
Issuer: The certificate authority (CA) that signed the certificate.
Domains: The domain(s) that are certified by the CA.
Status: The current status of the certificate, indicated by a color:
- Green icon: the certificate is valid.
- Yellow icon: the certificate will soon expire and is pending renewal.
- Red icon: the certificate has expired.
- Orange icon: the certificate is waiting for approval from Let’s Encrypt.
- Gray icon: the certificate is invalid.
Wildcard: Indicates whether the certificate is a wildcard certificate. A red tick in this column confirms that the certificate is a wildcard certificate.
Autorenewal: This checkbox is enabled if the wildcard certificate is enabled. The system renews the certificate when the expiration date is near. A nightly process runs and takes the action when it applies.
Creation: The date the certificate was issued.
Expiration: The date the certificate expires.
Actions: The following actions are available for each certificate:
- Create certificate: This shows a form used to create the certificate.
- Delete: Deletes the certificate from the local storage.
The SKUDONET Let’s Encrypt client writes its log information to /var/log/letsencrypt/letsencrypt.log and /var/log/syslog.
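The Domains, Wildcard, Expiration and Status columns described above can be cross-checked against a certificate file with openssl. This is an added example, not SKUDONET's own code. The 30-day "expires soon" window, the mapping of an unparseable file to "invalid", and the constructed example.test certificate are assumptions.

```bash
#!/usr/bin/env bash
# Added example: recompute the listing's columns from a PEM file with openssl.
RENEW_DAYS=30   # assumed "expires soon" window; the page gives no number

# cert_status FILE [DAYS] -> valid | expiring | expired | invalid
# "invalid" here only means openssl cannot parse the file (an assumption);
# the orange "waiting for approval" state cannot be derived from a file.
cert_status() {
    local file="$1" days="${2:-$RENEW_DAYS}"
    openssl x509 -in "$file" -noout >/dev/null 2>&1 || { echo invalid; return; }
    if ! openssl x509 -in "$file" -noout -checkend 0 >/dev/null; then
        echo expired
    elif ! openssl x509 -in "$file" -noout -checkend $((days * 86400)) >/dev/null; then
        echo expiring
    else
        echo valid
    fi
}

# cert_domains FILE -> one DNS name per line from the subjectAltName extension
cert_domains() {
    openssl x509 -in "$1" -noout -text 2>/dev/null |
        grep -A1 'Subject Alternative Name' | tail -n1 |
        tr ',' '\n' | sed -n 's/^ *DNS://p'
}

# is_wildcard FILE -> exit 0 if any certified name starts with "*."
is_wildcard() { cert_domains "$1" | grep -q '^\*\.'; }

# make_sample_cert OUT DAYS CN SAN: constructed self-signed test certificate
make_sample_cert() {
    local dir; dir=$(mktemp -d)
    printf '%s\n' '[req]' 'distinguished_name=dn' 'x509_extensions=ext' \
        'prompt=no' '[dn]' "CN=$3" '[ext]' "subjectAltName=$4" >"$dir/c.cnf"
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$dir/k.pem" \
        -days "$2" -config "$dir/c.cnf" -out "$1" 2>/dev/null
    rm -rf "$dir"
}

# Demo on a constructed 90-day wildcard certificate (not a real one).
SAMPLE=$(mktemp)
make_sample_cert "$SAMPLE" 90 'example.test' 'DNS:*.example.test,DNS:example.test'
openssl x509 -in "$SAMPLE" -noout -subject -issuer -startdate -enddate
echo "status:   $(cert_status "$SAMPLE")"
echo "domains:  $(cert_domains "$SAMPLE" | paste -sd, -)"
if is_wildcard "$SAMPLE"; then echo "wildcard: yes"; else echo "wildcard: no"; fi
rm -f "$SAMPLE"
```

To check a real certificate, pass its PEM path to `cert_status`, `cert_domains` and `is_wildcard` in place of the sample file.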