Solved. Install SSL for Proxmox VE 6.3 using Certbot by Let's Encrypt (LE)

-

 Install certbot with apt:

#apt install certbot
Rub the following command and follow the instructions on the  screen to obtain the certificate.

#certbot certonly

Copy the certificate from the Let's Encrypt  directory to the PVE directory

#cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/fullchain.pem /etc/pve/local/pve-ssl.pem

#cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/privkey.pem /etc/pve/local/pve-ssl.key

#systemctl restart pveproxy

Cronjob to renew the certificate:

Lets Encrypt SSL expire every 90 days, so we will renew it every month with a cronjob. For this, create a file

vim /usr/local/bin/renew-pve-certs.sh with the following code :

cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/fullchain.pem /etc/pve/local/pve-ssl.pem cp /etc/letsencrypt/live/proxmox.jnec.edu.bt/privkey.pem /etc/pve/local/pve-ssl.key service pveproxy restart

Make it executable :

#chmod 755 /usr/local/bin/renew-pve-certs.sh

Run this command every 30 days, add the following in the cronjob :

#vim /etc/crontab

30 6 1,15 * * root /usr/bin/certbot renew --quiet --post-hook /usr/local/bin/renew-pve-certs.sh



Comments

  1. 99percentApril 2, 2021 at 5:20 AM

    Good to do this outside of proxmox tools.

    But be aware of some typos here.

    In my case the ssl renew command is:

    /usr/local/bin/certbot renew >> /var/log/le-renew.log

    ReplyDelete

Post a Comment

Popular posts from this blog

(Solved) (Fixed )MariaDB Unmet Dependencies on Ubuntu 20.04.

-
Error or Issue : Unmet Dependencies:  # sudo apt install mariadb-server Reading package lists... Done Building dependency tree        Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies:  mariadb-server : Depends: mariadb-server-10.3 (>= 1:10.3.25-0ubuntu0.20.04.1) but it is not going to be installed E: Unable to correct problems, you have held broken packages. Solution or Fix : Remove the different version of MySQL/MariaDB. To check the version run the following command. #  dpkg -l | grep -E 'mysql|mariadb' output:  ii  libdatetime-format-mysql-perl          0.06-1                            all          module to parse and format MySQL dates and times i
Read more

Solution to Moodle Error: Coding error detected, it must be fixed by a programmer: Failed to unserialise data from file. Either failed to read, or failed to write.

-
Image
Did you ever come across the following error when you try to access Moodle, "Coding error detected, it must be fixed by a programmer: Failed to unserialise data from file. Either failed to read, or failed to write." This usually happens when cache files are corrupted, one probable cause can be improper shutdown of Moodle system. Here is the solution to fix the issue. 1. Go to Moodle root directory     #cd /var/www/html/moodle   2. Run the command      #php admin/cli/purge_caches.php 3. Go to moodledata/cache directory   #cd /var/moodledata/cache    4. Remove the cache store directory, DO NOT remove of change the core_component.php file    # rm -rf cachestore_file/ 5. Refresh the Moodle Page. Its should work.
Read more

ACTION_FAILED:OU_INVALID: Solution for GoogleApps bulk user upload issue, username@domainname.com:ACTION_FAILED:OU_INVALID. This error is because you have not specified the Org Unit Path properly.

-
To upload bulk users to GoogleApps, you will require a following required fileds, other fields are optional:-               First Name               Last Name               Email Address               Password               Org Unit Path What is 'Org Unit Path'? This field was not their earlier. This is the path to place users in an organizational unit. For example if your domain has different organization unit like , staff, students, guest etc.. then the Org Unit Path would be just :  /
Read more