Hi all,
Is it possible to request a LetsEncrypt SAN cert through the Proxmox certificate management GUI?
Currently I have this working for a single named cert using the Cloudflare DNS challenge, but can't find any way to add multiple domain names.
I'd like to use DNS round robin for my proxmox cluster web management and need the host name as well as the cluster name in the cert.
Seems wildcards are not supported and I can't find any examples for multiple domain names separated by comma or space etc anywhere.
ACME.sh appears to support SAN's so I'm assuming I could complete this at the command line... haven't investigated this yet.
Currently I use HAproxy which works well but I find it complicated and requires maintenance, so thought I'd simplify things as this is just a home lab setup.
I've actually moved most internal services away from HAproxy to Cloudflared tunnels, these work really well for me. And now I just have my Proxmox cluster to 'rework' and I can remove HAproxy entirely.
I use OPNsense and Unbound DNS, which make it pretty easy to create a couple of DNS overrides that point the cluster name to the hosts.
Simple browser fail-over of the cluster name during a host restart is what I'm after, and possibly just a browser refresh required if I use round robin.
Any help would be appreciated for the LetsEncrypt SAN cert
Is it possible to request a LetsEncrypt SAN cert through the Proxmox certificate management GUI?
Currently I have this working for a single named cert using the Cloudflare DNS challenge, but can't find any way to add multiple domain names.
I'd like to use DNS round robin for my proxmox cluster web management and need the host name as well as the cluster name in the cert.
Seems wildcards are not supported and I can't find any examples for multiple domain names separated by comma or space etc anywhere.
ACME.sh appears to support SAN's so I'm assuming I could complete this at the command line... haven't investigated this yet.
Currently I use HAproxy which works well but I find it complicated and requires maintenance, so thought I'd simplify things as this is just a home lab setup.
I've actually moved most internal services away from HAproxy to Cloudflared tunnels, these work really well for me. And now I just have my Proxmox cluster to 'rework' and I can remove HAproxy entirely.
I use OPNsense and Unbound DNS, which make it pretty easy to create a couple of DNS overrides that point the cluster name to the hosts.
Simple browser fail-over of the cluster name during a host restart is what I'm after, and possibly just a browser refresh required if I use round robin.
Any help would be appreciated for the LetsEncrypt SAN cert