Led By George Murphy In this session, you’ll learn how to streamline local and production development with Let’s Encrypt integration in CommandBox. We’ll cover setting up free, automated SSL/TLS certificates, including wildcard support and various verification methods (HTTP, HTTPS, DNS). Whether you're working solo or in a team, you'll discover how to boost security and simplify your workflow with trusted, automated certificates.

1. CommandBox Lego Module
Let’s get started

2. Who am I
George Murphy
Working with ColdFusion since version 4.0
Software Engineer
Contractor
https://github.com/murpg/cblego

3. Overview
This module provides a convenient way to generate SSL certificates
using Let's Encrypt directly from your CommandBox CLI.
It integrates the Lego ACME client, allowing you to generate
certificates using DNS challenges with support for multiple DNS
providers.

5. Catalogue
Prerequisites
2.
1. Overview
Module Installation and Configuration
Installation
3. 4.
Troubleshooting
Generating Certificates
5. 6.
Supported DNS Providers
API Provider-Specific Validation
7. 8.
Contributing
License
9. 10.

6. 01.
Purpose
Facilitate SSL certificate generation using Let's Encrypt via
the CommandBox CLI.
Integrate Lego ACME client for easy DNS challenge- based
certificate issuance.
02.
Advantages
Utilizes reliable DNS-01 challenge for domain validation.
Supports multiple DNS providers.
Does not require public web server access, suitable for
internal/private domains.
Introduction

7. 01
CommandBox 5.x+
02
Lego binary installed
and in the system
PATH.
03
Domain registered
with a supported DNS
provider.
04
API credentials/tokens
from the DNS provider.
System Requirements

8. Using Scoop. Using PowerShell
Script.
Manual Installation.
Windows
Lego Installation

9. Module Installation and Configuration
install commandbox-cblego

10. 01
Command for module installation in CommandBox.
Install commandbox-cblego
CommandBox Module Installation

11. Cloudflare
Token authentication.
Email+key authentication.
Additional optional settings.
easyDNS
Direct value and file- based
authentication.
Environment Variables Examples

12. Generating Certificates
cblego run envFile=cloudflare.env server=staging --dns.resolvers="1.1.1.1:53" path="./.certs“
Renewing Certificates
cblego run envFile=cloudflare.env server=staging --dns.resolvers="1.1.1.1:53" path="./.certs" --renew days=200

13. Commandbox example for wildcard certificate generation.
01
Wildcard Certificate

14. 01
"Invalid Credentials"
Tips for resolving invalid credentials errors.
02
"Access Denied"
Troubleshooting access denied errors.
"Invalid request headers"
03
"Token Expired"
Solutions for token expiration.
"Rate Limit Exceeded"
Handling rate limit issues.
04
Resolving issues specific to Cloudflare.
05
Common Issues and Solutions

15. Supported DNS Providers
https://github.com/murpg/cblego/blob

16. 01
Explanation of generated certificate files and their locations.
Certificate Files

17. Contributing
Kishore Kumar

18. Thanks for attending.
https://github.com/murpg/cblego
https://go-acme.github.io/lego/dns/index.html
cblego@websbygeorge.com