[PVE-User] Step-CA And Proxmox

[PVE-User] Step-CA And Proxmox

[duluxoz]

Hi All,

We run an internal PKI using the Step-CA project 
(https://smallstep.com/certificates/).

Step-CA can respond to ACME Client requests in exactly the same way that 
Let's Encrypt does - you simply point the client ACME App/Script 
(Certbot, acme.sh, etc) to the local CA instead of Let's Encrypt's servers.

So our question is: Within Proxmox, which can handle Let's Encrypt 
Certs, how do we (is it possible too) point the Proxmox ACME Client to 
our internal Step-CA servers? Is there a config setting we've missed, an 
Add-On, etc, or something else?

Thanks in advance

Dulux-Oz


_______________________________________________
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Step-CA And Proxmox

[Aaron Lauterer]

With recent versions it is possible to add custom ACME directories. That 
should most likely do what you need?

On  2024-08-15  09:22, duluxoz wrote:
> Hi All,
> 
> We run an internal PKI using the Step-CA project 
> (https://smallstep.com/certificates/).
> 
> Step-CA can respond to ACME Client requests in exactly the same way that 
> Let's Encrypt does - you simply point the client ACME App/Script 
> (Certbot, acme.sh, etc) to the local CA instead of Let's Encrypt's servers.
> 
> So our question is: Within Proxmox, which can handle Let's Encrypt 
> Certs, how do we (is it possible too) point the Proxmox ACME Client to 
> our internal Step-CA servers? Is there a config setting we've missed, an 
> Add-On, etc, or something else?
> 
> Thanks in advance
> 
> Dulux-Oz
> 
> 
> _______________________________________________
> pve-user mailing list
> pve-user@lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user
> 
> 


_______________________________________________
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user

Re: [PVE-User] Step-CA And Proxmox

[duluxoz]

Thanks.

And that's in the manual? I must have missed it :-)

Cheers

> With recent versions it is possible to add custom ACME directories. That 
> should most likely do what you need?
>
>> On  2024-08-15  09:22, duluxoz wrote:
>>/Hi All, />>//>>/We run an internal PKI using the Step-CA project />>/(https://smallstep.com/certificates/). />>//>>/Step-CA can respond to ACME Client requests in exactly the same way that />>/Let's Encrypt does - you simply point the client ACME App/Script />>/(Certbot, acme.sh, etc) to the local CA instead of Let's Encrypt's 
servers. />>//>>/So our question is: Within Proxmox, which can handle Let's Encrypt />>/Certs, how do we (is it possible too) point the Proxmox ACME Client to />>/our internal Step-CA servers? Is there a config setting we've missed, an />>/Add-On, etc, or something else? />>//>>/Thanks in advance />>//>>/Dulux-Oz />>//>>//>>/_______________________________________________ />>/pve-user mailing list />>/pve-user at lists.proxmox.com 
<https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user> />>/https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user /
_______________________________________________
pve-user mailing list
pve-user@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-user