LOGS needs SSL certificates in order to serve the web interface via HTTPS instead of unencrypted HTTP.

These certificates can either be provided by the local IT department or obtained automatically (and for free) from the Let’s Encrypt certificate authority.

Support for Let’s Encrypt is built into LOGS and can either be activated during setup with the installer script or later by editing the main configuration file.

In order for the Let’s Encrypt mechanism of authentication to work, the LOGS server has to be accessible from the internet - a restriction by whitelist is not possible.

Certificates obtained manually from the local IT department have to be stored in the ./certs subdirectory of LOGS in form of the the files fullchain.pem and privkey.pem and will be used automatically if HTTPS is activated in the main configuration file.

fullchain.pem contains the X.509 certificate for the LOGS server in the .pem format, followed by all other certificates in the chain.

privkey.pem contains the private key for the certificate in the .pem format.