Questions tagged [acme]
85 questions
1 vote, 2 answers
Using step-ca as an intermediate ca with certificates provided by a parent CA
I am looking to use an intermediate CA which can sign certificates via ACME. We have a number of internal web servers which are not accessible on the internet which use SSL all of which need to be managed manually. We already have an internal CA…

Scott Neville
1 vote, 0 answers
Cert-Manager: renewing dns01 certificate not working
We are using Cert-manager to manage the tls certifications for a website. The website's certificate expired yesterday, I tried to investigate why cert-manager was not doing its job.
I have checked the details of certificate fakename-io-cert, looks…

Ken Tsoi
1 vote, 1 answer
when run `win` command in acme the prompt is showing odd symbols
I'm starting the acme from a bash shell with minimum settings, and my system default shell is zsh.
When I run win in acme I got the following prompt, I believe it's due to some color-related setting for shell, but I can't figure out where to reset…

Ian Zhang
1 vote, 1 answer
"Invalid host in redirect target" using ACME on pfsense
I've set up pfsense to manage my network, and I have the ACME plug in installed. I'm to correctly direct traffic to my secure webservers, but first I need to get the certificates onto PFSense.
At the moment, my certificates are using certbot on the…

Mr. Berzerk
1 vote, 1 answer
Traefik v1.7 static certificates and dynamic acme certificates
I am using traefik:1.7.6-alpine in docker in swarm mode. I need to specify static ssl certificates and other self-managed acme certificates.
This is the error I get when lifting the container:
time="2020-06-18T02:45:52Z" level=info msg="\nStats…

Jaime Roman
1 vote, 0 answers
certbot ACMEv1 transition to ACMEv2
We currently run our own installer when building a new Ubuntu 18.04 deployment. It creates an SSL cert for us using the following command:
certbot certonly --non-interactive -d $domain -d www.$domain --agree-tos -m X@X.com --webroot --webroot-path…

user783322
1 vote, 0 answers
HTTPS and subdomain in Traefik
I have a Traefik and a few services in docker-containers. Here is docker-compose.yml file:
version: "3"
services:
  main-app:
    image: some-image
    container_name: main_app
    labels:
      - "traefik.enable=true"
      -…

BlackTheFall
1 vote, 3 answers
How do I get AzureRM Application Gateway to take ACME .PEM cert as trusted_root_certificates in AGW SSL end-to-end config?
I'm trying to create azurerm backend_http_settings in an Azure Application Gateway v2.0 using Terraform and Letsencrypt via the ACME provider.
I can successfully create a cert and import the .pfx into the frontend https listener, acme and azurerm…

devops_trainwrek
1 vote, 1 answer
Let's Encrypt ACME ID in Caddy
I'm trying to define an ACME account ID 1234567 within the Caddy webserver to validate Let's Encrypt certificates.
The documentation is pretty elaborate on tls automation and ACME options, but I couldn't find any way to implement an account ID.
Does…

Olivier
1 vote, 1 answer
Python Acme V2 - Reuse Order/Challenge
I'm using python-acme to write a small script that takes in a domain and does one of two things:
Using the DNS01 challenge, if the challenge doesn't pass, return the DNS entry that needs to be added to the domain.
Using the DNS01 challenge, if…

Bryant Makes Programs
1 vote, 0 answers
ACME certbot: Dry run is successful although no connection open
I have a question about certbot:
At the moment, I test it using the following command:
docker run -t --rm
-v nginx-docker_certs:/etc/letsencrypt
certbot/certbot
certonly --dry-run --standalone
-d mydomain.tld
When I run…

Aliquis
1 vote, 0 answers
How to fix ... Unable to obtain ACME certificate ... thanks to rule \"Host:myhost.mydomain.com;PathPrefix:/app1{id:[0-9]?}\"
I have a set of meteor apps running as a docker stack along with traefik proxy, mongo and an http server. I had to do some redirection to pass traefik to each individual app so the client requests can be handled properly in response to the meteor…
0 votes, 0 answers
cert-manager certificate order is failing with 400 urn:ietf:params:acme:error:rejectedIdentifier
I have a k3s setup and am trying to get my ingress configured with tls but the certificates are not getting signed by the CA. The error I am getting is given below:
Name: tls-cert-grafana
Namespace: grafana
Created at:…

Scorch
0 votes, 0 answers
Actix_web server to fetch its own tls certs
I am working on a Webserver which will provide different endpoints using https. The Server itself is running fine, but I want to add the auto-renewal of the tls certs using let's encrypt to the server, which I have no idea how to do this.
I've…

Mindxxxd
0 votes, 0 answers
Traefik ACME add subnet or IP to certificate generation for x509 verification
When I generate a certificate for SSL/TLS encryption I would like to add extra IP addresses.
When setting up a reverse proxy to a host outside the standard docker networks, certificate verification fails with the following message:
msg="'500…

user2863494