Proxmox ACME issue certificate

2020-01-03

I was looking into issuing a SSL certificate for my Proxmox instance running on my newly bought intel NUC. As I am completely new to Proxmox it took me a while to get it working so let me share my experience with you so it might take you less time.

Port forwarding

As mentioned in the documentation

Port 80 of the node needs to be reachable from the internet

Which means I need to enable port forwarding, I am also going to enable it for port 8006.

  • 80: used during certificate issuing/renewal
  • 8006: used to access the Proxmox instance

DNS record

You'll also need to create a new 'A' type DNS record which redirects to your network. Mine is configured on DigitalOcean

ACME issuing on instance

Execute the following commands to issue a new certificate using ACME

1
pvenode acme account register default example@proxmox.com

Select the production environment, option 0 + accept the Terms of Service

1
pvenode config set --acme domains=your.domain.here

In my example the domain is pve.jeroendruwe.be

1
pvenode acme cert order

When this finishes successfully the pveproxy should restart and the certificate should be instantiated.

Created by Jeroen Druwé