OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: pingus on June 06, 2017, 09:19:55 am

Title: Let's Encrypt certificates not visible in haproxy
Post by: pingus on June 06, 2017, 09:19:55 am

Hi

With 17.1.8 I created two new LE certificates. I successfully got them and they are visible under System->Trusts->Certificates but I am not able to add them to the haproxy frontend because they are not in the certificates drop down list.

Firewall restart didn't help. Removing the certificates and re-issuing didn't help.

I could add certificates with one of the version before.

What else can I do? Any other ideas?

Regards
Pingus

Title: Re: Let's Encrypt certificates not visible in haproxy
Post by: bartjsmit on June 06, 2017, 03:13:55 pm

Did you add the root CA and any intermediates?

Bart...

Title: Re: Let's Encrypt certificates not visible in haproxy
Post by: pingus on June 06, 2017, 03:42:13 pm

Let's Encrypt Authority X3 (Let's Encrypt) is added.

Older certificates generated with an earlier version of opnsense (for different domains than the two I need now) are still visible in haproxy

Title: Re: Let's Encrypt certificates not visible in haproxy
Post by: pingus on June 06, 2017, 06:11:43 pm

Oh, there was a bug report on the firewall:

PHP Errors:

[06-Jun-2017 09:06:50 Europe/Zurich] PHP Warning:  cert_action_validator(): Node no longer exists in /usr/local/opnsense/scripts/OPNsense/AcmeClient/certhelper.php on line 123
[06-Jun-2017 09:08:45 Europe/Zurich] PHP Warning:  cert_action_validator(): Node no longer exists in /usr/local/opnsense/scripts/OPNsense/AcmeClient/certhelper.php on line 123
[06-Jun-2017 09:10:01 Europe/Zurich] PHP Warning:  cert_action_validator(): Node no longer exists in /usr/local/opnsense/scripts/OPNsense/AcmeClient/certhelper.php on line 123