Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ACME pkg v1.0

    Scheduled Pinned Locked Moved ACME
    4 Posts 4 Posters 101 Views 6 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jimpJ Offline
      jimp Rebel Alliance Developer Netgate
      last edited by jimp

      ACME pkg v1.0 is out now for pfSense Plus 25.07, 24.11, and CE 2.8.0.

      Bug fixes/changes:

      • Synchronized with upstream acme.sh version 3.1.2 (master branch)

      • Various upstream bug fixes for DNS providers

      • Removed deprecated OCSP stapling options
        https://redmine.pfsense.org/issues/16195

      • Fixed a bug with nsupdate and challenge aliases
        https://redmine.pfsense.org/issues/15061

      • Added initial support for custom ACME servers

        Add servers on the General Settings tab.

        Note: This feature has undergone basic testing, however, there is no way to know if it will work against any custom ACME server, and there is no way for the package to know which validation methods are supported by an ACME server.

        Use at own risk. Test before deployment.

        https://redmine.pfsense.org/issues/9833

      Existing Provider Changes:

      • Gandi LiveDNS has deprecated API keys and now uses a Personal Access
        Token (PAT). Configure the new PAT option to ensure future updates
        work.

        https://redmine.pfsense.org/issues/16294

      • Active24 changed from a single Token to an API Key + API Secret and
        must be reconfigured before use.

      • Selectel API version v1 is deprecated, but still available as a new
        option, along with new API v2 options. Must be reconfigured before
        use.

      New DNS Providers:

      • Beget.com
      • EdgeCenter.ru
      • FreeMyIP.com
      • HE.net DDNS
      • Mijn.host
      • OpenProvider via REST API
      • Spaceship
      • Technitium
      • ZoneEdit

      Note: The change from 0.9 to 1.0 does not reflect any particular significant change in the package, but it has been stable for so long that keeping its version number below zero no longer made sense.

      Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      johnpozJ GertjanG Urbaman75U 3 Replies Last reply Reply Quote 3
      • jimpJ jimp pinned this topic
      • johnpozJ Offline
        johnpoz LAYER 8 Global Moderator @jimp
        last edited by johnpoz

        @jimp Just updated acme package to v1, and did a renew of certs even though they were not do for a while. All went fine, using dns-cloudflare

        updated.jpg

        On 25.07 of pfsense+

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07 | Lab VMs 2.8, 25.07

        1 Reply Last reply Reply Quote 1
        • GertjanG Offline
          Gertjan @jimp
          last edited by

          @jimp

          Same pfSense here, upgrade to acme to "1.0" and hit the renew button.
          I'm using the "nsupdate" method. The cert was renewed just fine.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 0
          • Urbaman75U Offline
            Urbaman75 @jimp
            last edited by

            I tried to update ACME on a 2.8.0 pfsense, actually stuck and broken the installation, can't get to pfsense Webgui or SSH.

            I'll get back with more info.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.