TLS certificates/events

NethServer Version: 7.4
Module: base

I have a Nethserver installation behind a firewall that won’t allow inbound HTTP connections, so the built-in Let’s Encrypt support won’t work. I’m still wanting to obtain a Let’s Encrypt cert, but I’ll do it using and DNS validation–that much is easy enough. That leaves two questions, though:

  • Is there a preferred place for the cert/chain/key to be saved? I assume these can be set with db properties, but some locations would be better than others, no doubt.
  • What event reconfigures whatever services are using a TLS cert, to use a new one?

Of course:

  • certificates: `/etc/pki/tls/certs/``
  • private keys: /etc/pki/tls/private

But you can always use the web interface to upload the certificate as a custom one :slight_smile:


signal-event certificate-update

(See also

Sure, but I can’t automate that. And looks like the relevant config entries are under the pki key in the config database. Looks straightforward enough.

1 Like