Change favorite certificate CLI

NethServer Version: 7.4
Module: Server Certificate

Hi,
how can I change Nethserver favorite certificate from command line?
I am writing a script, because NS doesn’t update certificates if there is a proxy pass set for this domain…
And how often I have to update certs?

Thanks.

P.S. An OT question… NS 7.5 is released for testing or I can update on production servers?

Here are some docs:
http://docs.nethserver.org/projects/nethserver-devel/en/v7/certificate_management.html

Here is a discussion about cert scripting:

1 Like

Thank you so much

1 Like

Did you update the nethserver-httpd-proxypass package to latest version? It should allow virtual host reverse proxy with a local LE certificate… If it does not work it’s a #bug!

See

http://docs.nethserver.org/en/v7/proxy_pass.html#reverse-proxy

And also

1 Like

If I use this and not a .conf file NS is able to update https certs?

Yep! Certificates are updated by certbot (letsencrypt)

Now i have a .conf file. Why it doesn’t update letsencrypt certs?

It probably blocks the LE challenge path. Look at

Thanks. I will try with NS httpd-admin.
Thank you so much.

I can’t assert it’s a good test case :face_with_raised_eyebrow: I’d rather try with roundcube or a static web site…

Sorry… I will try to remove .conf file and put info in NS httpd-admin

A question… do you think that I have to “Accept invalid SSL certificate from target”?
In my project I don’t want to update SSL internal server certificates…
@davidep I hope in your advice… thanks.

1 Like

If you don’t fear MITM attacks why not… In LAN can be acceptable also clear text protocol.

1 Like