I have certbot installed on the server, how can I get it to work in the OMV GUI / ensure OMV is using it?

Hi all,

I've logged in via SSH and run the following command:

certbot --nginx --redirect -d subdomain.domain.com -d subdomain.domain.com -m email@address.com --agree-tos

This gave me a certificate which is great.

However, I note theres a certificate section in the Secure Connection area in the Web Administration area. I drop down that option and nothing is there.

How can I ensure OMV is using my certificate?

Thank you

Thank you for this. However I am a bit new to SSL certs.

As a note, this is a public facing machine, it's not behind my modem. I've got a server on Vultr and can access via subdomain.domain.com if that makes any difference.

I've gone and created a ssl cert using the certbot command :

certbot --nginx --redirect -d subdomain.domain.com -d subdomain.domain.com -m email@address.com --agree-tos

However, how does that let me use it in omv? I am sorry I don't understand what you mean by "copy the new cert on top of the old one and restart nginx in your script" in regard to what I've done.

Thank you

Thank you I do appreciate your help.

However, when I go to System / Certificates and Add / Import the cert. There is nothing to import.

I'm really not sure what to do there and can't find any docs / tutorials anywhere on this topic.

For example, in the OMV docs I found this statement RE letsencrypt:

LetsEncrypt

Lets Encrypt certificates can be imported directly, just locate your /etc/letsencrypt/live/<mydomain.com>/fullchain,privkey.pem files and copy their contents in their respective field. No need to convert.

So I looked on the filesystem, and found the following:

cert.pem

chain.pem

fullchain.pem

privkey.pem

README

So I'm just not sure what to do. I am not finding the docs clear based on that paragraph.

There is! Thank you. I found the import in the dropdown.

I pasted the results of cat privkey.pem into the box.

However, there is one called public key in the omv interface. Which file's contents should I paste into that? fullchain maybe? Well, I tried that and it says invalid format. I'm not sure. It's really not clear in the docs.

Thanks again for this.

Thank you. I ended up finding this part of the interface. I can copy / paste the Private Key and that seems fine. But when I try the Public Key it says invalid format. I am pasting the contents of fullchain.pem into Public Key.

Thank you for that. I do have one. However, pasting its contents gives the same error.

Yes, I get the feeling most people run OMV on a home system behind their modem, so very little is out there for public facing omv servers. It's a struggle to find info / docs / tutorials. Thanks for your time though, much appreciated.

Zitat von Zoki

@TeWuEs did it recently in ths thread RE: Can not login with host.domain but can with IP address maybe he can give detailed instructions.

Thank you.

I went there, started asking, looked over my interface and... guess what?

I was entering the data into SSH not SSL. There are two tabs.

So now my keys are accepted, in the system... and I still have a broken lock on my address bar. sigh.

Oh well, one step at a time!

I definitely have a valid letsencrypt cert. I also have it imported in the OMV interface. I just have to keep plugging away.

Thanks again everyone!

hmm, it says:

https://i.imgur.com/zsdKtfA.png

But I definitely have an SSL cert. Checking my terminal on the server I get:

$ certbot certificates

Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Found the following certs:

Certificate Name: [redacted]

Domains: [redacted]

Expiry Date: 2022-04-20 06:00:47+00:00 (VALID: 89 days)

Certificate Path: /etc/letsencrypt/live/redacted/fullchain.pem

Private Key Path: /etc/letsencrypt/live/redacted/privkey.pem

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -