SSL Settings

Introduction

LUCY provides the ability to generate SSL certificates for various purposes, including campaigns, admin interface access, and end-user portal access. Here's a concise guide on how to generate SSL certificates in LUCY.

What is an SSL certificate?

SSL (Secure Sockets Layer) is like a protective shield. It ensures that when your targets interact with the phishing page, their data remains secure and can't be intercepted by prying eyes. It's the trusty guard that makes sure your simulation stays safe and realistic. Similarly, your administrative interface also requires an SSL certificate to encrypt and keep your data secure. Without an SSL certificate, your recipients will encounter a big red warning page, signaling that the site they're trying to access isn't secure. This could seriously affect the authenticity of your simulation if it's not properly set up. So, think of SSL as your trusty sidekick, keeping things legitimate and secure.

Admin Interface Certificate

Ensure you have a domain configured for your Lucy server

Each VPS server provided by Lucy Awareness comes with a default administrative domain, such as access.cloudserver123.com. Should you wish to use a custom domain instead, please refer to our guide on custom domain configuration.

Admin Certificate Generation:

Navigate to "Settings -> Common System Settings -> SSL Settings" in the LUCY admin interface.

Let’s Encrypt Mode

  • How it Works: The HTTP challenge requires you to place a specific file with specific content, provided by Let's Encrypt, on your web server. Lucy will automatically create this file and no further action is needed from the administrator. Let's Encrypt CA then makes HTTP requests to this URL to verify that the file exists and has the correct content.

  • Use Case: This challenge is suitable for websites and services already accessible via HTTP. It's straightforward if you can easily upload files to your server and make them accessible over the web.

  • Advantages:

    • Simple and quick for web servers and sites already running.

    • Direct verification of your domain through the web server.

  • Limitations:

    • The server must be publicly accessible via port 80.

    • Not suitable for wildcard certificates directly (wildcard certificates require a DNS challenge).

Select "Use Custom SSL Certificate" - You will be presented with three options:

Our default method, designed for maximum user-friendliness, enables your Lucy server to automatically generate a Certificate Signing Request (CSR) through the integrated Let's Encrypt API. It then submits this request to Let's Encrypt and automatically installs the full certificate chain on your Lucy server.

This process may take up to 5 minutes to complete. Please wait for the "certificate successfully generated" notification before proceeding further.

Let's Encrypt certificates are issued with a maximum validity period of 90 days.

All Certificates

This tab provides an overview of all the certificates generated on your Lucy server. It offers the functionality to edit or permanently delete any certificate. This feature is especially valuable for renewing or replacing certificates associated with a specific domain across the entire Lucy server, including those used in attack and awareness campaigns.

Last updated

Was this helpful?