Plans for Automated SSL Certificate Renewal Automation?

[KevDog]

Is there any plans in the works for FreeNAS integrating acme.sh, certbot, or other such program that would allow for automated SSL certificate generation and/or renewal? I see an acme dns section however I'm betting this has nothing to do with SSL Certs since the only option is with AWS53. Right now I'm using danb's script to integrate acme.sh let's encrypt certs into the GUI -- which works OK (not complaining), however it seems like the functionality of this script would best be represented in the middleware itself.

 

[danb35]

It's already there, and yes, it's the acme DNS section. And yes, at this time, it only works for Route53 DNS. Vote for this issue if you'd like to see that change:

https://jira.ixsystems.com/browse/NAS-104912

 

[KevDog]

It's already there, and yes, it's the acme DNS section. And yes, at this time, it only works for Route53 DNS. Vote for this issue if you'd like to see that change:

https://jira.ixsystems.com/browse/NAS-104912

Hey thanks for link. I didn't know this jira thread existed. More to the point that I'm scratching my head why FreeNas' decision was to release such a feature with only AWS as the client. Definitely no Let's Encrypt/cloudflare love here.

 

[danb35]

More to the point that I'm scratching my head why FreeNas' decision was to release such a feature with only AWS as the client.

I'll speculate that its current state is a proof of concept--code a minimal implementation, make sure it works and doesn't have unforeseen problems, and then see about expanding it. Expansion does seem to be intended for something in the 12.1 series.