- lego Let's Encrypt client and ACME library written in Go
- 4.4.0 security =2 4.4.0Version of this port present on the latest quarterly branch.
- Maintainer: email@example.com
- Port Added: 2019-07-24 07:50:33
- Last Update: 2021-06-10 02:12:00
- Commit Hash: 711587f
- People watching this port, also watch:: openjdk8, netdata, coreutils
- License: MIT
- lego is a client for Let's Encrypt users, written in Go. It has support for a
number of ACME challenges, and no external dependencies.
- SVNWeb : git : Homepage
- pkg-plist: as obtained via:
- Dependency lines:
- To install the port: cd /usr/ports/security/lego/ && make install clean
- To add the package, run one of these commands:
- pkg install security/lego
- pkg install lego
- PKGNAME: lego
- Flavors: there is no flavor information for this port.
- TIMESTAMP = 1623246389
SHA256 (go-acme-lego-v4.4.0_GH0.tar.gz) = 3c1261fe1a774a9aea2f1bcacd9cb5fea8213cd343c6e5e68f78bff90cfd5b16
SIZE (go-acme-lego-v4.4.0_GH0.tar.gz) = 480865
- Packages (timestamps in pop-ups are UTC):
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
- go : lang/go
- Runtime dependencies:
- ca-root-nss.crt : security/ca_root_nss
- There are no ports dependent upon this port
- Configuration Options:
- No options to configure
- Options name:
- If installing:
- There are sample scripts in
that you can use for renewing and deploying certificates.
In order to run the script regularly to update the certificates add this line
Additionally the following parameters may be added to /etc/periodic.conf:
Script to run to renew certificates, will be run as _lego (required)
To run a script after the renewal to deploy certificates
Note that the deploy script is provided as a sample and may need to be modified
for your environment. The script will attempt to deploy certificates to
and private keys to
The script also tries to restart nginx.
If using the sample renew script, add the domains for which lego will manage
/usr/local/etc/lego/domains.txt, one domain on each line.
To add a Subject Alternate Name to the certificate, append the domain(s) to the
To run lego for the first time, edit
and set the EMAIL variable.
Then run lego.sh with the run argument as the _lego user:
$ /usr/local/etc/lego/lego.sh run
Subsequent periodic runs will run with the renew argument by default, with a
renewal interval of 30 days.
- Master Sites: