It's a bit odd though, he registered an account to comment this, but neglected to read 3 posts higher and notice it's severely bugged in 21.04 :')
Other folks are saying it is working for them in this thread.
It's a bit odd though, he registered an account to comment this, but neglected to read 3 posts higher and notice it's severely bugged in 21.04 :')
No one here said so ;-)Other folks are saying it is working for them in this thread.
No one here said so ;-)
I think you're confusing threads.
It's about a 50% chance if it works at the moment.
i am still trying to make it run and i am stucking here, too.Alright, progress!
This is more for the iX folks at this point:
Is there a good way to validate that cloudflare creds are working? I am using the API key as stated, have 1.1.1.1 for the dns and tried a reboot. It looks like it is not successfully creating the TXT record for the challenge.
Code:Error: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/issue_cert.py", line 101, in issue_certificate return acme_client.poll_and_finalize( File "/usr/lib/python3/dist-packages/acme/client.py", line 710, in poll_and_finalize orderr = self.poll_authorizations(orderr, deadline) File "/usr/lib/python3/dist-packages/acme/client.py", line 734, in poll_authorizations raise errors.ValidationError(failed) acme.errors.ValidationError During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/job.py", line 378, in run await self.future File "/usr/lib/python3/dist-packages/middlewared/job.py", line 414, in __run_body rv = await self.method(*([self] + args)) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1001, in nf return await f(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto.py", line 1584, in do_create data = await self.middleware.run_in_thread( File "/usr/lib/python3/dist-packages/middlewared/utils/run_in_thread.py", line 10, in run_in_thread return await self.loop.run_in_executor(self.run_in_thread_executor, functools.partial(method, *args, **kwargs)) File "/usr/lib/python3/dist-packages/middlewared/utils/io_thread_pool_executor.py", line 25, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1005, in nf return f(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto.py", line 1639, in __create_acme_certificate final_order = self.middleware.call_sync('acme.issue_certificate', job, 25, data, csr_data) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1266, in call_sync return methodobj(*prepared_call.args) File "/usr/lib/python3/dist-packages/middlewared/plugins/acme_protocol_/issue_cert.py", line 117, in issue_certificate raise CallError(f'Certificate request for final order failed: {msg}') middlewared.service_exception.CallError: [EFAULT] Certificate request for final order failed: Authorization for identifier Identifier(typ=IdentifierType(dns), value='mydomain.com') failed. Here are the challenges that were not fulfilled: Challenge Type: dns-01 Error information: - Type: urn:ietf:params:acme:error:unauthorized - Details: No TXT record found at _acme-challenge.mydomain.com
thanks!07 - Adding Lets-Encrypt Certificates | TrueCharts
With TrueNAS SCALE, it's possible to automatically generate certificates for your domain(s) using letsencrypt. However, this process is not very self-explanatory.truecharts.org
I know this is an old thread, but this link results in a 404 not found.
That's because iX have chosen to only include those two in their UI. It's still better than in CORE, though, where it's AWS or nothing. Edit: The reason the DNS host matters in this context is that the Let's Encrypt integration wants to use DNS validation, which (practically) requires the ability to create and remove DNS records programmatically. This isn't the only way to get a cert, but it doesn't require that anything on your server be exposed to the Internet.What I don't get is having to use AWS or Cloudflare to host my DNS.
Is there a way of using Letsencrypt without having to use these to host my DNS?
1. It's the same, just moved under other menu.I know this is an old thread, but this link results in a 404 not found.
Is this the new version of the documentation?
https://truecharts.org/docs/manual/guides/adding-letsencrypt/
https://truecharts.org/docs/manual/guides/adding-letsencrypt/
What I don't get is having to use AWS or Cloudflare to host my DNS. Is there a way of using Letsencrypt without having to use these to host my DNS?
Hmmm, that's new and interesting...Scale also supports custom (via shell script) cert renewal/DNS Challenge.
Okay, I changed my DNS to Cloudflare. Went through pretty quickly. Set up cert in TrueNAS fine. But now noticed my website isn't working, giving a too many redirects error, so reverting name server back to how I had it until I have more time to look at this. It has gone midnight here.There's no reason that moving your DNS hosting to Cloudflare would need to affect your website.
Turning off the proxy for all the DNS entries seems to have worked.First thing I'd try is turning off the Cloudflare proxy.