Hi@all,
I run an ACME instance on another host in the LAN which takes care of the LE certificates of all hosts. If the certificates are renewed, it copies the current version to the corresponding host.
For my PVE means I have three files:
- vmhost01.example.en.crt
- vmhost01.example.en.key
- vmhost01.example.en.fullchain
which I have to copy automatically via SSH to the PVE. But where to? On the other systems I have the files automatically copied to /etc/ssl and on the target system I have adjusted the Apache2 or NGINX configuration so that it uses these files.
In the documentation I read that the files are stored under:
- /etc/pve/local/pve-ssl.pem
- /etc/pve/local/pve-ssl.key
- /etc/pve/pve-root-ca.pem
lie. But with the hint that I am not allowed to modify them.
What is the best way to ssh-copy my LE certificates to the PVE without harming it?
with best
pixel24
I run an ACME instance on another host in the LAN which takes care of the LE certificates of all hosts. If the certificates are renewed, it copies the current version to the corresponding host.
For my PVE means I have three files:
- vmhost01.example.en.crt
- vmhost01.example.en.key
- vmhost01.example.en.fullchain
which I have to copy automatically via SSH to the PVE. But where to? On the other systems I have the files automatically copied to /etc/ssl and on the target system I have adjusted the Apache2 or NGINX configuration so that it uses these files.
In the documentation I read that the files are stored under:
- /etc/pve/local/pve-ssl.pem
- /etc/pve/local/pve-ssl.key
- /etc/pve/pve-root-ca.pem
lie. But with the hint that I am not allowed to modify them.
What is the best way to ssh-copy my LE certificates to the PVE without harming it?
with best
pixel24
