Solved. Install SSL for Proxmox VE 6.3 using Certbot by Let's Encrypt (LE)

-

 Install certbot with apt:

#apt install certbot
Rub the following command and follow the instructions on the  screen to obtain the certificate.

#certbot certonly

Copy the certificate from the Let's Encrypt  directory to the PVE directory

#cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/fullchain.pem /etc/pve/local/pve-ssl.pem

#cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/privkey.pem /etc/pve/local/pve-ssl.key

#systemctl restart pveproxy

Cronjob to renew the certificate:

Lets Encrypt SSL expire every 90 days, so we will renew it every month with a cronjob. For this, create a file

vim /usr/local/bin/renew-pve-certs.sh with the following code :

cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/fullchain.pem /etc/pve/local/pve-ssl.pem cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/privkey.pem /etc/pve/local/pve-ssl.key service pveproxy restart

Make it executable :

#chmod 755 /usr/local/bin/renew-pve-certs.sh

Run this command every 30 days, add the following in the cronjob :

#vim /etc/crontab

30 6 1,15 * * root /usr/bin/certbot renew --quiet --post-hook /usr/local/bin/renew-pve-certs.sh



Comments

  1. 99percentApril 2, 2021 at 5:20 AM

    Good to do this outside of proxmox tools.

    But be aware of some typos here.

    In my case the ssl renew command is:

    /usr/local/bin/certbot renew >> /var/log/le-renew.log

    ReplyDelete

Post a Comment

Popular posts from this blog

ACTION_FAILED:OU_INVALID: Solution for GoogleApps bulk user upload issue, username@domainname.com:ACTION_FAILED:OU_INVALID. This error is because you have not specified the Org Unit Path properly.

-
To upload bulk users to GoogleApps, you will require a following required fileds, other fields are optional:-               First Name               Last Name               Email Address               Password               Org Unit Path What is 'Org Unit Path'? This field was not their earlier. This is the path to place users in an organizational unit. For example if your domain has different organization unit like , staff, students, guest etc.. then the Org Unit Path would be just :  /
Read more

Email Notification in Koha! How to configure Email Notification in Koha 20.11 with postfix?

-
Image
Here is the steps to configuring Koha 20.11 & postfix for sending notices/slips through email. 1. First install postfix             #sudo apt-get update             #sudo apt-get install postfix          Click on OK.    Tab and select No configuration. 2.  Copy the configuration file     #  cp /usr/share/postfix/main.cf.debian /etc/postfix/main.cf 3. Install the other required packages.     #apt-get install libsasl2-2     #apt-get install libsasl2-modules     #apt-get install ca-certificates 4.  Open the following file and add few lines.     # vim /etc/postfix/main.cf and add the following lines at the bottom of the page and save the file.     relayhost = [smtp.gmail.com]:587     smtp_sasl_auth_enable = yes     smtp_sasl_password_...
Read more

Solution to Moodle Error: Coding error detected, it must be fixed by a programmer: Failed to unserialise data from file. Either failed to read, or failed to write.

-
Image
Did you ever come across the following error when you try to access Moodle, "Coding error detected, it must be fixed by a programmer: Failed to unserialise data from file. Either failed to read, or failed to write." This usually happens when cache files are corrupted, one probable cause can be improper shutdown of Moodle system. Here is the solution to fix the issue. 1. Go to Moodle root directory     #cd /var/www/html/moodle   2. Run the command      #php admin/cli/purge_caches.php 3. Go to moodledata/cache directory   #cd /var/moodledata/cache    4. Remove the cache store directory, DO NOT remove of change the core_component.php file    # rm -rf cachestore_file/ 5. Refresh the Moodle Page. Its should work.
Read more