New tnascert-deploy 2.0 is available

jjrushford · November 8, 2025, 6:31pm

Greetings, I’ve released a new version of the tnascert-deploy tool used to import TLS certificates to TrueNAS systems. It is similar to @dan python scripts. You may use this tool as part of an external ACME TLS certificate tools to automate the deployment of your TrueNAS TLS certificates using post deployment hook scripts.

tnascert-deploy 2.0 has bee refactored so that more TrueNAS API’s may be used. This will help to keep the tool up to date going forward and adds support for current and older TrueNAS releases. 2.0 now supports the TrueNAS 25 RPC-JSON 2.0 web socket API as well as the TrueNAS RESTful v2.0 API. Which API you use is now configured with a new config parameter client_api, see the configuration documentation for setting this parameter. Ive tested the tool with the following TrueNAS versions:

TrueNAS-CORE 13.3 using the RESTful API v2.0 - client_api = “restapi”
zVault 13.3-MASTER-202505042329 using the RESTful API v2.0 - client_api = “restapi”
TrueNAS-SCALE 24.10 using the RESTful API v2.0 - client_api = “restapi”
TruNAS-SCALE 25+ using the RPC-JSON v2.0 web socket API, client_api = “wsapi”

The release also adds a new app_list config parameter. This is a comma separated list of docker apps that you wish to update with the newly imported certificate, see the configuration file settings for details. Docker App certificate updates are ignored for zVault and TrueNAS-CORE.

Also included is a bug fix. Older releases could potentially delete some additional network parameters for Docker Apps when updating them with a new certificate. This bug was reported along with a PR fix by itsteddyyo@github.com. Many thanks to itsteddyyo reporting and providing a fix for the issue.

See the tnascert-deploy GitHub repository for details. Binary packages are available for download at tnascert-deploy Release 2.0

If you’ve used the tool in the past, I hope you appreciate the new release. If you encounter any issues, have comments, or would like to see new features, please open an issue ticket at the tnascert-deploy GitHub repository. PR’s are also welcome.

thanks

John Rushford

dan · November 8, 2025, 6:50pm

Looks great–I’m almost tempted to deprecate my scripts in favor of this tool.

jjrushford · November 12, 2025, 1:40pm

I found a bug that prevents the proper command line parsing of options on Windows 11. This bug does not crop up on FreeBSD, Linux, or macOS. I committed a minor change to fix the command line parsing on Windows and have updated the 2.0 release page with a new zip file for windows that has the bug fix. If you’ve previously grabbed the windows build, you should download the new zip file to get the fix. Sorry for the inconvenience.

Topic		Replies	Views
Tnascert-deploy 2.1 is released TrueNAS General TLS , SSL	0	29	December 17, 2025
Tnascert-deploy 1.3 now available TrueNAS General SCALE	0	35	July 22, 2025
Automate non-ACME TLS cert renewals? (Tailscale cert) TrueNAS General SCALE	3	375	June 22, 2025
Tnascert-deploy-2.1-linux-x86_64 TrueNAS General SCALE	0	17	January 2, 2026
Trouble installing TrueNAS API Client on Debian 13 VM TrueNAS General	26	165	December 17, 2025

New tnascert-deploy 2.0 is available

Related topics