Solved. Install SSL for Proxmox VE 6.3 using Certbot by Let's Encrypt (LE)
Install certbot with apt:
#apt install certbot
Rub the following command and follow the instructions on the screen to obtain the certificate.
#certbot certonly
#cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/fullchain.pem /etc/pve/local/pve-ssl.pem
#cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/privkey.pem /etc/pve/local/pve-ssl.key
#systemctl restart pveproxy
Cronjob to renew the certificate:
Lets Encrypt SSL expire every 90 days, so we will renew it every month with a cronjob. For this, create a file
# vim /usr/local/bin/renew-pve-certs.sh with the following code :
cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/fullchain.pem /etc/pve/local/pve-ssl.pem cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/privkey.pem /etc/pve/local/pve-ssl.key service pveproxy restart
Make it executable :
#chmod 755 /usr/local/bin/renew-pve-certs.sh
Run this command every 30 days, add the following in the cronjob :
#vim /etc/crontab
30 6 1,15 * * root /usr/bin/certbot renew --quiet --post-hook /usr/local/bin/renew-pve-certs.sh
Good to do this outside of proxmox tools.
ReplyDeleteBut be aware of some typos here.
In my case the ssl renew command is:
/usr/local/bin/certbot renew >> /var/log/le-renew.log