acme

Hello, I have two servers using let’s encrypt and both use port 80. PMG and another. However, I need PMG to use HTTP-01 challenge. I can solve the problem by using an NFS mount from one to the other, but I cannot figure out where to do the mount or how to configure PMG 8.2.10 to a static...

Hi, my PVE generates an SSL certificate via ACME DNS Challenge. Works fine so far. But the requested certificate is RSA 4096. How to tell the plugin to request a P384 certificate?

Hi, I'm actually trying to get OPNSENSE though ACME CLIENT automation to upload let's encrypt certificate to PBS. (I got it working properly for PVE). I found script used at git repo fo acme https://github.com/acmesh-official/acme.sh/blob/master/deploy/proxmoxbs.sh. Looking at the script it...

Sorry for asking a (maybe) stupid question. Is there an equivalent for pvenode acme orproxmox-backup-manager acme in pdm? It looks like it's not available in proxmox-datacenter-manager-admin or proxmox-datacenter-manager-client .

Hi, I'm trying to setup ACME for the Proxmox Datacenter manager and i cannot setup an acme account for a local CA. Only choices are let's encrypt or let's encrypt staging. I know this is the same on PBS but you can use a CLI tool to do it. I read the documentation but cannot find any info about...

Environment: Proxmox VE Version: 9.0.11 ACME Plugin Package: libproxmox-acme-plugins (v1.7.0) DNS Plugin: dns_ali (Built-in) Issue Analysis: When attempting to issue a certificate using Alibaba Cloud (Aliyun) DNS, the process fails with Error add txt for domain. Enabling debug mode reveals...

Hallo zusammen, ich kämpfe gerade mit ACME-Zertifikaten auf einem Proxmox Backup Server (PBS). Hintergrund kurz: Infrastruktur: Proxmox VE Cluster (3 Nodes) + PBS in einer VM Externe CA: existiert und funktioniert bei den Proxmox-Nodes (ACME‑Zertifikate werden angefordert und automatisch...

Hello, Hetzner is migrating DNS management to the Cloud Console. This means new API keys must be created. Has anyone had any experience with whether the new API keys also work with the current ACME plugin? Kind Regards touro411

I am running acme-dns to update the certificates in my landscape, I run my own acme-dns service and thus can get wildcard certificates. This means I can create certificates for subdomains that are locally known, but not on the outside. I just create a cert for '*.domain.tld'. These I use for the...

Hi, I ask politely: when will there be a working account creation for ACME accounts (that are NOT letsencrypt) in the GUI? Sincerely, T.

In Proxmox 9.0.5: root@oats1:~# pvenode acme account register default ddrucker@mclean.harvard.edu Directory endpoints: 0) Let's Encrypt V2 (https://acme-v02.api.letsencrypt.org/directory) 1) Let's Encrypt V2 Staging (https://acme-staging-v02.api.letsencrypt.org/directory) 2) Custom Enter...

Hi everyone, I'm holding off on using the built-in ACME/Let's Encrypt integration in Proxmox VE for a specific reason, and I wanted to get your thoughts on it. The current implementation doesn't support wildcard certificates. This means I have to generate a specific certificate for each...

I followed the guide on the wiki a few months ago and configured automatic renewals of the server certs using ACME. Since then Proxmox has been updated, not by me. Now I wanted to check which e-mail I used for the account and I cannot find the ACME option anywhere. I can see under...

Hi everyone, I'm facing an issue where several of my hosts no longer receive certificates. I'm using the DNS challenge with All-Inkl. The TXT records are being created correctly with the configured settings. The problem occurs on two PVE installations at two different locations (both using...

Hey All, I am creating a script to setup a Proxmox 8 LXC Container for Pi-hole with the following services & packages: Pi-hole Tailscale Unbound DOH (Cloudflare & Quad9) DOT (Cloudflare & Quad9) DNSDist DNS01 (Method: TXT Record) The script is here: HERE I get an an error when it gets to the...

Hello, I created a file /usr/share/proxmox-acme/lebureaunsupdate.key with the content : ``` key "update" { algorithm hmac-sha512; secret "AAA/MY/SECRET/AAA=="; }; ``` and I filed the acme plugin like that but when I try to order a certificate, I get the following error : ```...

Hello ! so it seems I will not be able to access my home lab from outside through TalkTalk eero unless it is deemed 'secure enough'. I have followed all the steps necessary to configure ACME. My domain is with OVH. API Key has been configured and given PUT, GET, POST and DELETE permissions to...

Hello! I downloaded and started using the Proxmox Mail Gateway 8.1 software. In the Configuration/Certificates menu, ACME has 5 domains created and it won't let me add more, but I don't get any error messages. Is this a bug or a limitation of the free version? Best regards, Zoltan

I use the smallstep step-ca ACME server from https://smallstep.com/docs/step-ca/ up and running. I have added the root and intermediate certificates to /usr/share/ca-certificates on my PVE node, and run update-ca-certificates I can succesfully run curl with curl...

My acme certificates are managed by my OPNsense VM and I have successfully used a plugin supplied by them to install certificates on the PVE servers via the API at https://${_target_hostname}:${_target_port}/api2/json/nodes/${_node_name}/certificates/custom Is there a way to do the same thing...