acme

  1. R

    [SOLVED] Issue with Proxmox 8.2 Namecheap ACME DNS Plugin.

    Hi - I'm running Proxmox 8.2.2 and running into the following odd error trying to provision certificates using the Namecheap ACME DNS Plugin. I believe this same configuration worked prior to the 8.2 upgrade within the last monthacme Under Datacenter -> ACME, I've defined a challenge plugin...
  2. M

    Certificate renew fails

    I sucessfully set up acme certificate on our proxmox node but certificate renew fails. Output of pvenode acme cert renew: Loading ACME account details Placing ACME order Order URL: https://acme-v02.api.letsencrypt.org/acme/order/1446374306/265127774607 Getting authorization details from...
  3. M

    Mail Server Not listening on Port 80

    Hello, I am trying to set up the ACME listener using HTTP but I keep getting validation failed connection refused. It looks like my server is not listening on port 80. When I do the following on the server itself pointing to it's own IP: nc 10.110.2.8 80 it returns connection refused. Any...
  4. W

    ACME Order Fehler

    Hallo, Ich wollte bei mir heute ssl Zertifikate für alles einrichten, aber leider kommt bei mir dieser Fehler immer wenn ich per ACME ein Zertifikat ordern will. Hat Jemand eine idee was man noch probieren kann? 2024-03-31T10:34:35+02:00: Placing ACME order 2024-03-31T10:34:36+02:00: Order...
  5. Y

    Node ACME Removal Error - "plugin 'Cloudflare for domain `node_fqdn` not found! (500)"

    Hello, I haven't been playing with my Proxmox homelab in some time. I fired them back up to try and do some work and noticed the TLS certs had expired for my WebUI. Previously I was using ACME DNS challenges with LetsEncrypt to configure my SSL/TLS certs. So I figured I would remove all of the...
  6. C

    How to tell the built-in ACME client to include more SANs?

    Summary already says it. We have a self-hosted ACME server (step-ca) and would like to include the non-FQDN hostname and its IP address as SANs for compatibility reasons How to accomplish that through native Proxmox features? https://pve.proxmox.com/pve-docs/pvenode.1.html doesn't appear to...
  7. M

    ACME DNS Challenge - Empfehlung gratis Anbieter

    Hallo zusammen, aktuell nutze ich den Free (Legacy 2018) Plan von ClouDNS, damit schaffe ich es aber nicht eine ACME DNS Challenge durchzuführen. Angeblich sind die Credentials immer falsch. Ich habe nun mit dem Support geschrieben und obwohl ich einen API user anlegen kann, darf ich diesen...
  8. C

    Setting up ACME certificate using DNS check

    Can someone help with what I'm missing here? Why is it telling me to create a CNAME in the ###### block and then telling me to create a TXT record but not telling me what to put into it?
  9. P

    Not able to order ACME cert

    I figured out to make my DC safer and add SSL cert for trusted https that is only accessible from LAN, with 2FA etc... however when pvenode acme cert order -f Can't use an undefined value as a HASH reference at /usr/share/perl5/PVE/API2/ACME.pm line 196. I never messed with certs before, this...
  10. H

    custom pre/post-scripts/hooks for ACME renewals (not plugins, but firewall etc. related)

    I'm in need of executing a script to allow traffic through firewall and open port 80 inbound to the PVE (and next PBS), and then once done, close the ports etc. Is there a current way to do it in PVE 7.x ?
  11. M

    PVE ACME client generating bad CSR for IP addresses

    I am using an ACME server other than Let's Encrypt, and I observe PVE is having issues creating the CSR for IP addresses. Depending of the order of the domains (the actual domain and the IP) to be verified I add in the GUI to be verified it creates a bad CSR that is not accepted by the ACME...
  12. K

    ssl acme?

    Hi how to automate the use of certificates that are issued by your local certification authority? deployed my center, I receive a certificate from it through certbot and it is located /etc/letsencrypt/live/%FQDN I wanted to put files from /etc/letsencrypt/live/%FQDN into /etc/pve/local through...
  13. I

    How to change the port of the HTTP daemon started by ACME?

    Hello, I want to ask you how to change the port of the HTTP daemon, which is started when the certificates order is triggered. I would prefer 8080 for example or whatever else. I am getting "Failed to initialize HTTP daemon" error at the end of the task because my 80 port is being used by...
  14. N

    [SOLVED] Where is ACME in Proxmox VE 7.2?

    I am currently unable to find ACME under the datacenter dashbaord of Proxmox 7.2.
  15. Y

    API data for Let's Encrypt dns-01 challenge using Azure

    Hello, I can't seem to find any doc or description of the format for supplying "API data" to an ACME dns-01 challenge using the Azure plugin. I'm asking about the expected format of the parameters that need to be passed to the plugin via this dialog: I tried using the CLI but it returns an...
  16. U

    [SOLVED] SMTP vs API/GUI Hostname

    I use a different hostname for SMTP and API/GUI. The certificates are separate. However, I want to understand what the best practice is because I may have done this reverse from what it should be. PMG IP: 192.0.2.1 The ACME settings are: mx.example.com -> smtp hostxyz123.example.com -> api...
  17. H

    [SOLVED] ACME Certificate Can't Add Subject Alternative Names?

    I was able to successfully get a Lets Encrypt cert for my PVE box, using the domain: PVE.domain.com, but I am only able to access the server as such. If I connect to the server locally at https;//PVE:8006/, I get an err_cert_common_name_invalid error in chrome. Is there any way to add SANs to...
  18. M

    ACME client wrongly treats IP address as DNS name in CSR generation

    I'm using PVE's ACME client to get a certiifcate from my ACME server. I added two names: "domain.com" and "172.16.0.1" in the control panel. The certificate I finally got has its Subject Alternative Name = "DNS:domain.com,DNS:172.16.0.1". It's invalid. It should be...
  19. I

    1984hosting ACME plugin not working (outdated + more?)

    For my internal PVE nodes I want to get ACME working. Since I'm behind a NAT firewall and the single IP's port 80 is not available, I'm trying with the DNS API challenge. Unfortunately, my own web hoster does not provide a DNS API, so I forwarded a subdomain to 1984.hosting, which has a built-in...
  20. C

    ACME API endpoint: 403 Permission check failed (user != root@pam) - despite user being root@pam

    The title says pretty much it all. :) I'm writing an API client and a Terraform provider for Proxmox VE. So far the `version` and `storage` endpoints are working (albeit not necessarily complete :D ). I'm now trying to create an ACME account but I get a `403 Permission check failed (user !=...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!