Help with ACME DNS API

D

DoctaS

New Member
Jan 31, 2025
5
0
1
Hello all,
I'm fairly new with Proxmox and just started working with it for about three weeks now. When I first installed this I didn't have a domain controller or DNS server so I made it's name (name).asdf.local. I made these last week with Windows Server 2025 and changed it, but the certificates didn't change. This gave me issues with trying to use AD authentication for Proxmox since TLS is standard on Windows Server 2025. I got as far as learning about ACME and Let's Encrypt and then hit a wall. I have no idea what to use for the DNS API when creating the plugin. Any help is appreciated. If more details are required please let me know.
 
Do you have a legit domain name registered? You will need one for Let's encrypt to work. When you do a DNS challenge to get your certs, use the API appropriate for your public DNS registrar
 
louie1961 said:
Do you have a legit domain name registered? You will need one for Let's encrypt to work. When you do a DNS challenge to get your certs, use the API appropriate for your public DNS registrar
Click to expand...
The domain I have set up was just supposed to be for ease of access and to make it into a true server room. I didn't have plans to make it public. Is all of this necessary in order to get Windows AD authentication working with Proxmox?
 
You need to own a domain for Let's encrypt to be able to issue valid certs, but the domain doesn't need to proxied by Cloudflare or publicly available. With the DNS challenge you can even have your DNS "A" record point to a private IP address that is only reachable inside your environment. Let's encypt won't care, and you will not need a public IP address to do this. I have an domain for my home lab that is no way publicly accessible. Cost me $9 a year to buy the domain name. And I have valid certs on all my home lab devices. My pfSense firewall/router does all my DNS resolution within my lab, and everything is reachable (internally only) by a FQDN with valid Let'sEncrypt certs..
 
Last edited:
You must log in or register to reply here.
Top Bottom