Issues setting up acme.sh

TrueNAS General
1

Hey there,
I’m currently trying to get that shell-script implementation for acme.sh working.

I’m using this tutorial as guide:

Now my issue is, that GUI process window will vanish after “Initial validation complete”;

grafik
grafik380×183 2.81 KB

Leaving the job as failed - with no logs and “no errors”.

grafik
grafik1246×774 19.1 KB

I am able to manually request certificates via acme.sh - that thing seems to be working. Might be something with GUI or this acmeShellAuth.sh script from the guide. Maybe something very basic might fail. Like permissions etc… - but for testing / debugging I’ve set everything involved to 777 which lets permissions not look like the culprit this time…

Can you give me a hint where to start searching for whats failing? Why does that progress notification gets closed without any error message?!

SCALE 25.04.1

1 Like
2

Known bug, supposedly will be fixed in 25.04.2. As an alternative, see:

1 Like
3

That guide in the OP in the linked thread is rather dated.

As it happens @dan posted further down in that thread and as far as I know, he has maintained his script.

4

Thanks for your replies, so GUI is indeed bugged currently, not my fault?

I’ve read somewhere, that API is deprecated and likely to be removed in future version. Which is rendering the acme.sh deployment script solution as a bit short living, since it is relying onto that WS-API.

Maybe better waiting for 25.04.2? Not sure tho.

5

…which is why the guide I linked you to uses the new script, which in turn uses the new API. It’s the REST API that’s deprecated.

1 Like
6

Ok, my bad for lack of knowledge that there are currently 2 API implementations :wink:

Creating new keys via ui/credentials/users/api-keys will get me that new ones, correct? Or are those universal keys for both APIs?

7

Yep.

1 Like
8

Thanks, will give this a try. Solved I guess.

9

The supported GUI method is planned to be fixed in 25.04.2 which is expected to be released within 2 weeks.

10

Anyone know if it was indeed fixed by 25.04.2.5?

11

In 25.04.2, yes I believe so, my certificates work without issue and we haven’t seen more people post about this issue since then.

12

So if that’s fixed, what’s the state of “Adding an Authenticator with a Shell Script”?

The docs are extremely sparse. They don’t really say what the script should do. Presumably it should invoke acme.sh, but with what options? Where/how should it install the certs? Should it use the --deploy-hook truenas_ws parameter?

As much as Dan’s scripts are great, if possible I’d like to stick with built-in functionality (it’s just one less piece of software to keep updated).

Is klaboor’s old how-to still basically correct?