openmediavault-letsencrypt

  • Code
    cat /etc/letsencrypt/live/example.com/privkey.pem /etc/letsencrypt/live/example.com/cert.pem > /etc/letsencrypt/live/example.com/untangleapache.pem.

    This line doesn't make sense to me.
    The OMV SSL has two files: /etc/ssl/certs/omv--abcd.cert, /etc/ssl/private/omv--abcd.key

    How is the untangleable.pem can be used for those files ?

    OMV v5.0
    Asus Z97-A/3.1; i3-4370
    32GB RAM Corsair Vengeance Pro

  • I tested your method and my method again tonight and they both worked.


    Recap:
    after import the cert and keys into OMV via the Import menu, go to /etc/ssl/private and /etc/ssl/certs, to find the openmediavault-unique-key....
    Next, use cp to copy the files from /etc/letsencrypt/live/example.com/ to /etc/ssl/private and /etc/ssl/certs appropriately.


    cp cert.pem omv--uuid.crt
    cp privkey.pem omv--uuid.key

    OMV v5.0
    Asus Z97-A/3.1; i3-4370
    32GB RAM Corsair Vengeance Pro

    Einmal editiert, zuletzt von tinh_x7 ()

  • I have Let's Encrypt certs, but I don't know how to import them into OMV in order to enable SSL. I'm sure this is super simple. I'm just a complete noob with certs.


    I can't use the letsencrypt Docker because port 80 is blocked and RCN wanted $19/month (plus activation fee!) to unblock it. I used acme.sh's DNS API mode to successfully get certs from Let's Encrypt. I believe I need to import the certs into OMV, but I don't know how to do this.


    I've got a ".cer" cert, a ".key" cert key, and a ".cer" intermediate CA cert. The OMV documentation on certificates says that the certs can be imported directly: https://openmediavault.readthe…general/certificates.html
    I very much don't want to manually cat the cert files and copy & paste the contents into the OMV UI. How can I script the import of the Let's Encrypt certs, given that their location will be static?

  • I have Let's Encrypt certs, but I don't know how to import them into OMV in order to enable SSL. I'm sure this is super simple. I'm just a complete noob with certs.


    I can't use the letsencrypt Docker because port 80 is blocked and RCN wanted $19/month (plus activation fee!) to unblock it. I used acme.sh's DNS API mode to successfully get certs from Let's Encrypt. I believe I need to import the certs into OMV, but I don't know how to do this.


    I've got a ".cer" cert, a ".key" cert key, and a ".cer" intermediate CA cert. The OMV documentation on certificates says that the certs can be imported directly: https://openmediavault.readthe…general/certificates.html
    I very much don't want to manually cat the cert files and copy & paste the contents into the OMV UI. How can I script the import of the Let's Encrypt certs, given that their location will be static?

    With the help of this post, I was able to figure this out: https://forum.openmediavault.o…?postID=152129#post152129


    The full chain cert gets copied to the location of 'ssl_certificate' in '/etc/nginx/sites-available/openmediavault-webgui'. The public key goes to the location of 'ssl_certificate_key'.

  • I have Let's Encrypt certs, but I don't know how to import them into OMV in order to enable SSL. I'm sure this is super simple. I'm just a complete noob with certs.


    I can't use the letsencrypt Docker because port 80 is blocked and RCN wanted $19/month (plus activation fee!) to unblock it. I used acme.sh's DNS API mode to successfully get certs from Let's Encrypt. I believe I need to import the certs into OMV, but I don't know how to do this.


    I've got a ".cer" cert, a ".key" cert key, and a ".cer" intermediate CA cert. The OMV documentation on certificates says that the certs can be imported directly: https://openmediavault.readthe…general/certificates.html
    I very much don't want to manually cat the cert files and copy & paste the contents into the OMV UI. How can I script the import of the Let's Encrypt certs, given that their location will be static?

    With the help of this post, I was able to figure this out: https://forum.openmediavault.o…?postID=152129#post152129


    The full chain cert gets copied to the location of 'ssl_certificate' in '/etc/nginx/sites-available/openmediavault-webgui'. The public key goes to the location of 'ssl_certificate_key'.

  • Hi,


    I have added a TP-LINK AC1200 router in my home network, after my modem. Now, my openmediavault server have the adresse 192.168.0.100, instead of 192.068.1.66 before.


    I have set all my fowarding port on my new router, and I can access to all my NAS services with my public adress. However, the subdomains with duck DNS doesn't work anymore.


    I am a little bit lost with my configuration, I think that I need to change something on my letsencrypt settings, but I don't know exactly what...


    Could you help me ?


    Thanks!

  • Hey guys apologies for the silly question, but can someone please advise me or point me in the right direction to what's the point of using letsecnrypt


    Does it then make it safe to forward your ports to modem, and you can now remotely access your OMV server safely?
    I see it also being a requirement for nextcloud.


    I'm assuming there's no need for it if you're using wireguard/openvpn to access your server remotely as your ports won't be forwarded for the world to see?

    • Offizieller Beitrag

    Hey guys apologies for the silly question, but can someone please advise me or point me in the right direction to what's the point of using letsecnrypt


    Does it then make it safe to forward your ports to modem, and you can now remotely access your OMV server safely?
    I see it also being a requirement for nextcloud.


    I'm assuming there's no need for it if you're using wireguard/openvpn to access your server remotely as your ports won't be forwarded for the world to see?

    No! Letsencrypt gives you a signed certificate. To connect safely to your OMV from remote you should use a "virtual private network" (vpn). I would be looking at wireguard. Not sure if there is a plugin for that yet.

    • Offizieller Beitrag

    Letsencrypt, which has essentially become Swag, is necessary only if you want something like Nextcloud or a media server accessible from the internet. If you only want to access OMV remotely, as donh suggests, WireGuard or some other vpn works nicely and safely. TechnoDadLife has a video how-to for WireGuard.

  • Letsencrypt, which has essentially become Swag, is necessary only if you want something like Nextcloud or a media server accessible from the internet. If you only want to access OMV remotely, as donh suggests, WireGuard or some other vpn works nicely and safely. TechnoDadLife has a video how-to for WireGuard.

    Thank you for the response, I have plex accessible from the internet via forwarding port 3400. Would it be recommended I then install let's encrypt?

    • Offizieller Beitrag

    I have plex accessible from the internet via forwarding port 3400. Would it be recommended I then install let's encrypt?

    I don’t think so, but I’m not sure. I usually leave that setting off unless I specifically need it remotely, which I hardly ever do.

    • Offizieller Beitrag

    I’m not sure how it works. You have to login in the Plex.tv website to access your Plex server remotely.

  • Depending on what type of authentication plex uses it could be attacked by hackers. I would use wireguard if I was doing that.

    Could you please help me understand why you would use wireguard over letsencrypt for a remote plex server

    • Offizieller Beitrag

    Letsencrypt provides a certificate to verify you are connecting too the correct server with no man in the middle. It wont keep anyone else out.


    I have not used wireguard yet. But from reading about it, it looks like the way to go now for a few reasons. Performance being the main one. Also ease of setup. And newer than openvpn. Some routers support a vpn. So if yours does look at the one it supports and compare it to wireguard. Most will probably move to wireguard someday but for now you just need a port forward and a little knowledge and experience to make it work.

  • Is this plugin still alive/working?

    No.

    See here the list of ALL plugins running on OMV6:

    omv-extras plugins - porting progress to OMV 6.x (done) - Plugins - openmediavault


    If you want to use SWAG (Let's Encrypt replacement) check the guides section.

    There are several ways to use it via docker.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!