Nginx and regenerate ACME letsencrypt certificates

plastilin

Active Member
Oct 9, 2012
56
0
26
Ukraine
Hello. I configured Nginx according to this instruction. Everything works great. It has become much more convenient. But the following question arose: ngnix is blocking ports 80 and 443 to obtain letsencrypt certificates. In order to regenerate the certificates, I had to manually stop nginx, get the certificates from the web interface and start nginx again Where can I add a line to stop Nginx before the automatic regeneration of certificates, and then start it? Thanks
 

Arvyr

Member
Nov 29, 2019
66
3
8
34
Storkow (Mark)
I assume in that case you generate let's encrypt certificates not through proxmox' webgui, but on cmd line via certbot or so.
I'm not using LE however, cause I have my own Linux CA. The Proxmox GUI is enough for me.

Edit: Looking at the link, I guess http-> https redirection doesn't work with ACME. iirc
 

plastilin

Active Member
Oct 9, 2012
56
0
26
Ukraine
I assume in that case you generate let's encrypt certificates not through proxmox' webgui, but on cmd line via certbot or so.
I'm not using LE however, cause I have my own Linux CA. The Proxmox GUI is enough for me.

Edit: Looking at the link, I guess http-> https redirection doesn't work with ACME. iirc
Not. I am generating certificates from WEB GUI Proxmox. and at the moment of trying to obtain a certificate in the task an error is thrown If you stop nginx, the error does not appear and the regeneration is successful.
 

fabian

Proxmox Staff Member
Staff member
Jan 7, 2016
5,489
904
163
you can't use the built-in standalone ACME integration if something else is already using the HTTP(s) ports. you can use DNS mode if your DNS server/provider offers a compatible API.
 

plastilin

Active Member
Oct 9, 2012
56
0
26
Ukraine
you can't use the built-in standalone ACME integration if something else is already using the HTTP(s) ports. you can use DNS mode if your DNS server/provider offers a compatible API.
Can you tell me what to read to set it up?
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!