openmediavault-letsencrypt

    • Offizieller Beitrag

    actually I am on OMV4, so thats why I wonder why automatic replacement of cert will not work.

    It should - https://github.com/OpenMediaVa…/rpc/letsencrypt.inc#L222


    Are you seeing an updated date in the description in the ssl cert tab of the omv web interface?

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • I don't get what you mean with description in cert tab,


    OMV ssl cert comment/description says the old date of the cert if you mean that

    Chaos is found in greatest abundance wherever order is being sought.
    It always defeats order, because it is better organized.
    Terry Pratchett

    • Offizieller Beitrag

    I don't get what you mean with description in cert tab,

    In the OMV web interface, go to System -> Certificates -> SSL and look at the comment (sorry I called it description). If the date is old in that comment, then something isn't updating but it should. The only reason I can think that it would update the cert but not update the OMV cert is if the Test Certificate checkbox was checked.

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • yeah, I have "test cert" checked in letsencrypt ....


    Should I deactivate this function? I thought it checks the cert after creation with every renewal.

    Chaos is found in greatest abundance wherever order is being sought.
    It always defeats order, because it is better organized.
    Terry Pratchett

    Einmal editiert, zuletzt von riff-raff ()

    • Offizieller Beitrag

    Do I have to manually install the updated .deb file?

    Nope.

    no packages appear at the moment when I click "Check" in the Update Management tab in the webgui.

    I'm guessing there is an issue with your sources and/or dns. What is the output from the apt clean button in omv-extras?

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • What is the output from the apt clean button in omv-extras?

    Clicking that button seems to have fixed it. After it finished I went to the update management and it showed me version 4.1.12 right away. Thanks again!


    Are you still interested in the output of the apt clean button? I saved it to a file and could paste it here. What does it do anyway? I wasn't aware of it so far.

  • Should I deactivate this function? I thought it checks the cert after creation with every renewal.

    As far as I know, the test cert function is meant as test playground for you, as opposed to a production system. Enabling that box gives you a cert to test things with and play around without messing up a "real" certificate.

    • Offizieller Beitrag

    Are you still interested in the output of the apt clean button? I saved it to a file and could paste it here. What does it do anyway? I wasn't aware of it so far.

    Nope since it is working now. Here is what it does - https://github.com/OpenMediaVa…usr/sbin/omv-aptclean#L29

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    openmediavault and letsencrypt require ngix plugin installed?

    No but OMV uses nginx by default.


    i generate it but i don't see certificate on webui

    Do you have it in test mode? What webroot did you use?

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    Test mode? not


    webroot /var/www/openmediavault

    Do you have https enabled for the OMV web interface and the port open on your router?

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    Yes, the problem is that i don't view certificate in "Certificate", i view only self signed certificate

    I'm not psychic so I need to ask these questions. If letsencrypt can't read the temporary file on your web server, it won't generate the cert. Did you generate what you are calling the self signed cert? What is the output of the Generate button?

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Hi,


    just FYI:
    I now run


    Code
    letsencrypt certonly --standalone --http-01-port 90 -d xx.my-wan.de

    And port 80 (Internet) is forwarded to port 90 on my OMV Machine.


    This way:
    1) I do not need to forward the port manually for each renewal
    2) nevertheless OMV is not always exposed to the internet.


    On Port 90 only in case of the renewal something is listening.


    Greetings,
    Hendrik

  • I'm not psychic so I need to ask these questions. If letsencrypt can't read the temporary file on your web server, it won't generate the cert. Did you generate what you are calling the self signed cert? What is the output of the Generate button?

    No problem i understand @ryecoaaron :)
    My self signed certificate it's an old cerfificate that i've generate manually.


    This is the output (letsencrypt):

    • Offizieller Beitrag

    And port 80 (Internet) is forwarded to port 90 on my OMV Machine.


    This way:
    1) I do not need to forward the port manually for each renewal
    2) nevertheless OMV is not always exposed to the internet.


    On Port 90 only in case of the renewal something is listening.

    I don't open any ports. I use acme.sh which allows me to get a wildcard cert and automatically do the TXT record stuff which eliminates the need to have a file accessible by a web site. I would like to change the plugin to use this but not sure it will work and/or if I will have time.


    Challenge failed for domain mydomain.domain.com

    Here is problem. It can't access the temporary files it places in your web root. Not much I can do to fix this.

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • I have a problem with Letsencryt as well:
    I was able to create a certificate using Letsencrypt plugin but it's not showing under System->Certificates->SSL.
    Means, I cannot select this certificate when setting up a server with nginx-Plugin.
    What am I doing wrong?
    OMV 4.1.14-1, openmediavault-letsencrypt 3.4.5

  • Permission problem?

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!