Let's Encrypt Subdomains Certificate for Proxmox

[shaini]

Hi, We would like to obtain a certificate for Proxmox and some VMs running on Proxmox from outside via our domain.

How can we have these certificates created by "Let's Encrypt"? e.g. for these subdomains Proxmox "proxmox.domain.com" and the VM "ubuntu.domain.com" So far we always get a DNS error message with Let's Encrypt.

Port 80 and 443 are open to Proxmox. Would be grateful for hints, because Let's Encrypt only has limited attempts.

LG

 

[Stoiko Ivanov]

You opened the thread in the Mail Gateway forum - was this intentional? (since you're talking about VMs I assume it was meant for the Proxmox VE forum)...

In any case - if you want to get one certificate for multiple DNS names, which point to different IP addresses you (usually) need to use a DNS plugin for verification - with the http challenge the Let's encrypt ACME server tries to connect to proxmox.domain.com with the challenge and then to ubuntu.domain.com (and this one will not have the correct challenge response waiting on port 80 at /.well-known/acme/


I hope this explains it.

check out the reference documentation on certificates:
https://pve.proxmox.com/pve-docs/chapter-sysadmin.html#sysadmin_certs_get_trusted_acme_cert

It might be easier to just setup some other acme client (certbot or acme.sh for example) on the ubuntu machine.

 

[shaini]

Thanks for your answer!

That was an accident, please move the thread to the correct section.

Thanks!