acme

  1. E

    Proxmox ACME Client doesn't recognise root certificates

    I use the smallstep step-ca ACME server from https://smallstep.com/docs/step-ca/ up and running. I have added the root and intermediate certificates to /usr/share/ca-certificates on my PVE node, and run update-ca-certificates I can succesfully run curl with curl...
  2. N

    Using the API to install HTTPS certificates on PBS

    My acme certificates are managed by my OPNsense VM and I have successfully used a plugin supplied by them to install certificates on the PVE servers via the API at https://${_target_hostname}:${_target_port}/api2/json/nodes/${_node_name}/certificates/custom Is there a way to do the same thing...
  3. O

    Proxmox clustering with ACME configuration order

    Hello all: As I rebuilt my Proxmox cluster from scratch, I attempted to configure ACME certificates for the first time. I had no issues and got all (3) nodes working initially. The following day, I could not log into nodes 2 and 3 via the UI but could via SSH. The only change was that the ACME...
  4. D

    PBS Unable to add FreeIPA ACME account

    When I try to add a new ACME account for PBS I am unable to register a new account, from my reading on various forum posts here I should only be utilising the default account via the CLI only (as the option is missing from the GUI, I've also tried other combinations of accounts and emails) and...
  5. T

    AMCE cert with Sectigo account

    Hi! We use Sectigo [1] for our x509 certs. They offer no challenge based system for ACME. We use accounts instead. I can setup an account in PVE config System/Certificates but cannot use it since I have to chose between DNS and HTTP challenge to add a certificate. Both are not an option. Please...
  6. B

    TASK ERROR: Failed to initialize HTTP daemon

    netstat -tulpn Find app use 80 port If you dont use this, stop service, or change used port. service nginx stop Go to node > acme > Order certificate now
  7. M

    Using HE DDNS for ACME certificates

    For anyone using Hurricane Electric's dynamic DNS records in https://dns.he.net/, here is an ACME DNS API plugin script for PVE: https://github.com/markkuleinio/pve-acme-he-ddns If I have understood it correctly, Proxmox will update their own proxmox-acme repo from acme.sh repo in GitHub, so...
  8. S

    ACME cert with the standalone backend

    I have several proxmox servers, bahind a firewall, and ha proxy. Each proxmox server has a public dns entry. I'm forwarding .well-known/acme-challenge via ha proxy, to each of my proxmox servers (hdr(host) -i proxmox1.example.com). I can run manually certbot successfully. When I try a pvenode...
  9. L

    Any way to make proxmox check if ACME cert renewal needed on startup?

    I am using my selfhosted smallstep server to issue certificates for everything in my homelab. By design, the certificates are short-lived (only 24 hours). I have managed to request the certificate just fine via proxmox, and the auto renewal process seems to work fine. However, when the proxmox...
  10. A

    ACME-Zertifikate für Guests nutzbar?

    Hallo! Hab mir gerade die ACME-Implementierung von Proxmox 8.2.2 angeschaut. Wenn ich die Doku richtig verstanden habe, dann wird das zunächst nur zur Absicherung der Promox Admin-Seite genutzt. (Also z.B. https://mein.pve.com:8006/.) Ist es denn möglich, die bezogenen Zertifikate auch den...
  11. L

    Bookmyname certificate, tips for PVE and PBS

    Since Acme released a bookmyname plugin at the end of 2023, it is now possible to use the user interface to manage certificates. A few comments though: I had trouble getting it to work, and couldn't find much information here. After a lot of struggling, I put some debugging code in...
  12. R

    [SOLVED] Issue with Proxmox 8.2 Namecheap ACME DNS Plugin.

    Hi - I'm running Proxmox 8.2.2 and running into the following odd error trying to provision certificates using the Namecheap ACME DNS Plugin. I believe this same configuration worked prior to the 8.2 upgrade within the last monthacme Under Datacenter -> ACME, I've defined a challenge plugin...
  13. M

    Certificate renew fails

    I sucessfully set up acme certificate on our proxmox node but certificate renew fails. Output of pvenode acme cert renew: Loading ACME account details Placing ACME order Order URL: https://acme-v02.api.letsencrypt.org/acme/order/1446374306/265127774607 Getting authorization details from...
  14. M

    Mail Server Not listening on Port 80

    Hello, I am trying to set up the ACME listener using HTTP but I keep getting validation failed connection refused. It looks like my server is not listening on port 80. When I do the following on the server itself pointing to it's own IP: nc 10.110.2.8 80 it returns connection refused. Any...
  15. W

    ACME Order Fehler

    Hallo, Ich wollte bei mir heute ssl Zertifikate für alles einrichten, aber leider kommt bei mir dieser Fehler immer wenn ich per ACME ein Zertifikat ordern will. Hat Jemand eine idee was man noch probieren kann? 2024-03-31T10:34:35+02:00: Placing ACME order 2024-03-31T10:34:36+02:00: Order...
  16. Y

    Node ACME Removal Error - "plugin 'Cloudflare for domain `node_fqdn` not found! (500)"

    Hello, I haven't been playing with my Proxmox homelab in some time. I fired them back up to try and do some work and noticed the TLS certs had expired for my WebUI. Previously I was using ACME DNS challenges with LetsEncrypt to configure my SSL/TLS certs. So I figured I would remove all of the...
  17. C

    How to tell the built-in ACME client to include more SANs?

    Summary already says it. We have a self-hosted ACME server (step-ca) and would like to include the non-FQDN hostname and its IP address as SANs for compatibility reasons How to accomplish that through native Proxmox features? https://pve.proxmox.com/pve-docs/pvenode.1.html doesn't appear to...
  18. M

    ACME DNS Challenge - Empfehlung gratis Anbieter

    Hallo zusammen, aktuell nutze ich den Free (Legacy 2018) Plan von ClouDNS, damit schaffe ich es aber nicht eine ACME DNS Challenge durchzuführen. Angeblich sind die Credentials immer falsch. Ich habe nun mit dem Support geschrieben und obwohl ich einen API user anlegen kann, darf ich diesen...
  19. C

    Setting up ACME certificate using DNS check

    Can someone help with what I'm missing here? Why is it telling me to create a CNAME in the ###### block and then telling me to create a TXT record but not telling me what to put into it?
  20. P

    Not able to order ACME cert

    I figured out to make my DC safer and add SSL cert for trusted https that is only accessible from LAN, with 2FA etc... however when pvenode acme cert order -f Can't use an undefined value as a HASH reference at /usr/share/perl5/PVE/API2/ACME.pm line 196. I never messed with certs before, this...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!