For anyone using Hurricane Electric's dynamic DNS records in https://dns.he.net/, here is an ACME DNS API plugin script for PVE:
https://github.com/markkuleinio/pve-acme-he-ddns
If I have understood it correctly, Proxmox will update their own proxmox-acme repo from acme.sh repo in GitHub, so...
I have several proxmox servers, bahind a firewall, and ha proxy. Each proxmox server has a public dns entry.
I'm forwarding .well-known/acme-challenge via ha proxy, to each of my proxmox servers (hdr(host) -i proxmox1.example.com).
I can run manually certbot successfully.
When I try a pvenode...
I am using my selfhosted smallstep server to issue certificates for everything in my homelab. By design, the certificates are short-lived (only 24 hours). I have managed to request the certificate just fine via proxmox, and the auto renewal process seems to work fine.
However, when the proxmox...
Hallo! Hab mir gerade die ACME-Implementierung von Proxmox 8.2.2 angeschaut. Wenn ich die Doku richtig verstanden habe, dann wird das zunächst nur zur Absicherung der Promox Admin-Seite genutzt. (Also z.B. https://mein.pve.com:8006/.) Ist es denn möglich, die bezogenen Zertifikate auch den...
Since Acme released a bookmyname plugin at the end of 2023, it is now possible to use the user interface to manage certificates.
A few comments though: I had trouble getting it to work, and couldn't find much information here. After a lot of struggling, I put some debugging code in...
Hi - I'm running Proxmox 8.2.2 and running into the following odd error trying to provision certificates using the Namecheap ACME DNS Plugin. I believe this same configuration worked prior to the 8.2 upgrade within the last monthacme
Under Datacenter -> ACME, I've defined a challenge plugin...
I sucessfully set up acme certificate on our proxmox node but certificate renew fails.
Output of pvenode acme cert renew:
Loading ACME account details
Placing ACME order
Order URL: https://acme-v02.api.letsencrypt.org/acme/order/1446374306/265127774607
Getting authorization details from...
Hello,
I am trying to set up the ACME listener using HTTP but I keep getting validation failed connection refused. It looks like my server is not listening on port 80. When I do the following on the server itself pointing to it's own IP:
nc 10.110.2.8 80
it returns connection refused.
Any...
Hallo,
Ich wollte bei mir heute ssl Zertifikate für alles einrichten, aber leider kommt bei mir dieser Fehler immer wenn ich per ACME ein Zertifikat ordern will.
Hat Jemand eine idee was man noch probieren kann?
2024-03-31T10:34:35+02:00: Placing ACME order
2024-03-31T10:34:36+02:00: Order...
Hello,
I haven't been playing with my Proxmox homelab in some time. I fired them back up to try and do some work and noticed the TLS certs had expired for my WebUI. Previously I was using ACME DNS challenges with LetsEncrypt to configure my SSL/TLS certs. So I figured I would remove all of the...
Summary already says it. We have a self-hosted ACME server (step-ca) and would like to include the non-FQDN hostname and its IP address as SANs for compatibility reasons
How to accomplish that through native Proxmox features?
https://pve.proxmox.com/pve-docs/pvenode.1.html doesn't appear to...
Hallo zusammen,
aktuell nutze ich den Free (Legacy 2018) Plan von ClouDNS, damit schaffe ich es aber nicht eine ACME DNS Challenge durchzuführen.
Angeblich sind die Credentials immer falsch.
Ich habe nun mit dem Support geschrieben und obwohl ich einen API user anlegen kann, darf ich diesen...
Can someone help with what I'm missing here?
Why is it telling me to create a CNAME in the ###### block and then telling me to create a TXT record but not telling me what to put into it?
I figured out to make my DC safer and add SSL cert for trusted https that is only accessible from LAN, with 2FA etc...
however when pvenode acme cert order -f
Can't use an undefined value as a HASH reference at /usr/share/perl5/PVE/API2/ACME.pm line 196.
I never messed with certs before, this...
I'm in need of executing a script to allow traffic through firewall and open port 80 inbound to the PVE (and next PBS), and then once done, close the ports etc.
Is there a current way to do it in PVE 7.x ?
I am using an ACME server other than Let's Encrypt, and I observe PVE is having issues creating the CSR for IP addresses.
Depending of the order of the domains (the actual domain and the IP) to be verified I add in the GUI to be verified it creates a bad CSR that is not accepted by the ACME...
Hi
how to automate the use of certificates that are issued by your local certification authority?
deployed my center, I receive a certificate from it through certbot and it is located /etc/letsencrypt/live/%FQDN
I wanted to put files from /etc/letsencrypt/live/%FQDN into /etc/pve/local through...
Hello,
I want to ask you how to change the port of the HTTP daemon, which is started when the certificates order is triggered.
I would prefer 8080 for example or whatever else.
I am getting "Failed to initialize HTTP daemon" error at the end of the task because my 80 port is being used by...
Hello,
I can't seem to find any doc or description of the format for supplying "API data" to an ACME dns-01 challenge using the Azure plugin. I'm asking about the expected format of the parameters that need to be passed to the plugin via this dialog:
I tried using the CLI but it returns an...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.