We have a server with sites that are accessed only inside our network, so every time we deploy a site we use Let's Encrypt certbot to obtain a certificate and a private key using an ACME challenge, which asks for a TXT record on a public DNS. That way we obtain a valid certificate from a proper CA from within our local network.
We usually add our certificates to our nginx or apache2 config and it always works, but from what I understand, with TrueNAS that is discouraged because it is meant to be set up using the UI. Whenever I try to import the certificate I get this:
# Error: privatekey
A valid private key is required, with a passphrase if one has been set.
```
Error: Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/middlewared/job.py", line 515, in run
    await self.future
  File "/usr/lib/python3/dist-packages/middlewared/job.py", line 560, in __run_body
    rv = await self.method(*args)
         ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/middlewared/service/crud_service.py", line 287, in nf
    rv = await func(*args, **kwargs)
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/middlewared/schema/processor.py", line 48, in nf
    res = await f(*args, **kwargs)
          ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/middlewared/schema/processor.py", line 174, in nf
    return await func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/middlewared/plugins/crypto_/certificates.py", line 313, in do_create
    verrors.check()
  File "/usr/lib/python3/dist-packages/middlewared/service_exception.py", line 72, in check
    raise self
middlewared.service_exception.ValidationErrors: [EINVAL] certificate_create.privatekey: A valid private key is required, with a passphrase if one has been set.
```
Any ideas?
Btw, I issued the certificate using no password, but the message does not mention it.
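
A pre-flight check for the text pasted into a private key field, added here as an example and not part of the original post or of TrueNAS: it reports whether the PEM contains exactly one private key block, whether that block is passphrase-protected, and whether its body decodes to DER. It does not reproduce TrueNAS's own validation; the function names and the sample builder `constructed_pem` are hypothetical.

```python
import base64
import re

# PEM labels that hold a private key -> True when the label itself means "encrypted".
KEY_LABELS = {
    "PRIVATE KEY": False,            # PKCS#8
    "ENCRYPTED PRIVATE KEY": True,   # PKCS#8 with passphrase
    "RSA PRIVATE KEY": False,        # PKCS#1 (traditional OpenSSL)
    "EC PRIVATE KEY": False,         # SEC1
}
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)


def pem_blocks(text):
    """Return (label, encrypted, body_ok) for each PEM block found in text."""
    found = []
    for label, body in PEM_RE.findall(text):
        lines = [ln.strip() for ln in body.splitlines()]
        # Traditional OpenSSL encryption keeps a plain label and adds RFC 1421 headers.
        legacy = any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines)
        b64 = "".join(ln for ln in lines if ln and ":" not in ln)
        try:
            body_ok = base64.b64decode(b64, validate=True)[:1] == b"\x30"  # DER SEQUENCE
        except ValueError:
            body_ok = False
        found.append((label, KEY_LABELS.get(label, False) or legacy, body_ok))
    return found


def preflight_key(text):
    """List the reasons text is not exactly one unencrypted private key block."""
    blocks = pem_blocks(text)
    keys = [b for b in blocks if b[0] in KEY_LABELS]
    problems = []
    if len(keys) != 1:
        problems.append("expected 1 private key block, found %d (labels: %s)"
                        % (len(keys), [b[0] for b in blocks]))
    for label, encrypted, body_ok in keys:
        if encrypted:
            problems.append(label + ": passphrase-protected")
        elif not body_ok:
            problems.append(label + ": body is not base64-encoded DER")
    return problems


def constructed_pem(label, headers=""):
    """Build a structurally valid but meaningless PEM block (constructed sample, not a key)."""
    body = base64.encodebytes(b"\x30\x3c" + bytes(60)).decode()
    return "-----BEGIN %s-----\n%s%s-----END %s-----\n" % (label, headers, body, label)
```

Calling `preflight_key(open("privkey.pem").read())` on the file certbot wrote returns an empty list when none of these structural problems is present.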