My Acme automation to Proxmox completes successfully but Proxmox still uses the old certificate. I've tried rebooting Proxmox and the debug.2 log shows the automation completes successfully. I know Acme is updating the certs because I can manually upload them to Proxmox, and the new certs are applied. Is the Acme Proxmox automation working for anyone? I am running OPNsense 25.1 but I noticed this issue with 24.7.12 too.
Quote from: julsssark on February 09, 2025, 06:01:54 PMMy Acme automation to Proxmox completes successfully but Proxmox still uses the old certificate. I've tried rebooting Proxmox and the debug.2 log shows the automation completes successfully. I know Acme is updating the certs because I can manually upload them to Proxmox, and the new certs are applied. Is the Acme Proxmox automation working for anyone? I am running OPNsense 25.1 but I noticed this issue with 24.7.12 too.
ACME works very well when correctly configured. You can test the automation/upload: Click "Edit Automation" -> "Test Connection".
You might have to change the "Remote Path" according to your needs.
Thanks but I am not seeing "Test Connection" under Edit Automation. The Proxmox automation uses an API so there may not be a test connection (see screenshot). According to the logs, the Proxmox automation is completing successfully but the old certificate continues to be used on Proxmox. My other Acme automations are working correctly.
Hello,
Interested if you find a solution to this issue. I am having the same problem. Getting the cert works fine. The log says the automation completes successfully (return code 0), but I don't see the cert in Proxmox. Very confused. It feel like I am just missing a step.
Not sure if this will help but I kept tinkering and I think I got it to work. My cert is now showing up in the list on the node. I had to go into the API key in promxmox and uncheck "Privilege Separation". Then I reran the automation and it showed up. Hope this help you.
Thank you @TheCrackedCube. Unchecking privilege separation and rerunning the automation worked correctly.
I finally managed to get my cert exported to Proxmox.
I just followed this recent guide:
https://sysadmin102.com/2025/02/proxmox-opnsense-acme-certificate-automation/
It goes on about using a limited new user-token just for the purpose of the acme automation which seemed a good idea.
I had to make sure I have a DNS override setup in my OpnSense Unbound DNS so it would resolve my Proxmox host.
Works a treat :)
Didn't need to do any command line stuff to get Acme to work. Just create the API Token (not user) and check "Privilege Separation".