Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ACME pkg v1.0

    Scheduled Pinned Locked Moved ACME
    17 Posts 9 Posters 1.3k Views 11 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jimpJ Offline
      jimp Rebel Alliance Developer Netgate
      last edited by jimp

      ACME pkg v1.0 is out now for pfSense Plus 25.07, 24.11, and CE 2.8.0.

      Bug fixes/changes:

      • Synchronized with upstream acme.sh version 3.1.2 (master branch)

      • Various upstream bug fixes for DNS providers

      • Removed deprecated OCSP stapling options
        https://redmine.pfsense.org/issues/16195

      • Fixed a bug with nsupdate and challenge aliases
        https://redmine.pfsense.org/issues/15061

      • Added initial support for custom ACME servers

        Add servers on the General Settings tab.

        Note: This feature has undergone basic testing, however, there is no way to know if it will work against any custom ACME server, and there is no way for the package to know which validation methods are supported by an ACME server.

        Use at own risk. Test before deployment.

        https://redmine.pfsense.org/issues/9833

      Existing Provider Changes:

      • Gandi LiveDNS has deprecated API keys and now uses a Personal Access
        Token (PAT). Configure the new PAT option to ensure future updates
        work.

        https://redmine.pfsense.org/issues/16294

      • Active24 changed from a single Token to an API Key + API Secret and
        must be reconfigured before use.

      • Selectel API version v1 is deprecated, but still available as a new
        option, along with new API v2 options. Must be reconfigured before
        use.

      New DNS Providers:

      • Beget.com
      • EdgeCenter.ru
      • FreeMyIP.com
      • HE.net DDNS
      • Mijn.host
      • OpenProvider via REST API
      • Spaceship
      • Technitium
      • ZoneEdit

      Note: The change from 0.9 to 1.0 does not reflect any particular significant change in the package, but it has been stable for so long that keeping its version number below zero no longer made sense.

      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      johnpozJ GertjanG Urbaman75U R 4 Replies Last reply Reply Quote 3
      • jimpJ jimp pinned this topic
      • johnpozJ Online
        johnpoz LAYER 8 Global Moderator @jimp
        last edited by johnpoz

        @jimp Just updated acme package to v1, and did a renew of certs even though they were not do for a while. All went fine, using dns-cloudflare

        updated.jpg

        On 25.07 of pfsense+

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        1 Reply Last reply Reply Quote 2
        • GertjanG Offline
          Gertjan @jimp
          last edited by

          @jimp

          Same pfSense here, upgrade to acme to "1.0" and hit the renew button.
          I'm using the "nsupdate" method. The cert was renewed just fine.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          1 Reply Last reply Reply Quote 1
          • Urbaman75U Offline
            Urbaman75 @jimp
            last edited by

            I tried to update ACME on a 2.8.0 pfsense, actually stuck and broken the installation, can't get to pfsense Webgui or SSH.

            I'll get back with more info.

            jimpJ 1 Reply Last reply Reply Quote 0
            • jimpJ Offline
              jimp Rebel Alliance Developer Netgate @Urbaman75
              last edited by

              @Urbaman75 said in ACME pkg v1.0:

              I tried to update ACME on a 2.8.0 pfsense, actually stuck and broken the installation, can't get to pfsense Webgui or SSH.

              I'll get back with more info.

              Start a fresh thread for that. I tested it on 2.8.x and it worked fine there, so it probably isn't something to do with the package itself, but something else going on with your installation.

              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

              Need help fast? Netgate Global Support!

              Do not Chat/PM for help!

              1 Reply Last reply Reply Quote 0
              • R Offline
                renegade @jimp
                last edited by

                Nice to read that news!
                Will it be also available for 25.07.1?
                I got an ! Exclamation Mark, after upgrading to 25.07.1 and reinstalled ACME and it was downgraded to 0.9.

                GertjanG J 2 Replies Last reply Reply Quote 0
                • GertjanG Offline
                  Gertjan @renegade
                  last edited by

                  @renegade

                  yeah, my pfSense (25.07.1) also tells me that a - downgrade ! - is, available :

                  8686514f-1ff0-4f8e-b46c-df751be9b6ac-image.png

                  but I keep my "acme 1.0" until further notice 😊
                  'I works for me'.

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 0
                  • J Offline
                    jrey @renegade
                    last edited by

                    @renegade

                    Not here and it works fine -

                    Screenshot 2025-08-20 at 8.09.08 AM.png

                    I don't use the email notifications for available updates. Maybe if you are using that it is confused ?

                    The update to 1.0 was applied when it became available (under 25.07) and the system has since been updated to 25.07.01. the only package the was updated during the 25.07 > 25.07.01 process was Nexus, which went to 25.07.1_1 All other packages (I use) remained untouched when going to 25.07.1

                    1 Reply Last reply Reply Quote 0
                    • jimpJ Offline
                      jimp Rebel Alliance Developer Netgate
                      last edited by

                      Check again now. The ACME 1 package came out after the 25.07.1 branch was frozen for the release, I picked it over there now and it should have just finished building.

                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                      Need help fast? Netgate Global Support!

                      Do not Chat/PM for help!

                      tinfoilmattT M 2 Replies Last reply Reply Quote 1
                      • tinfoilmattT Offline
                        tinfoilmatt @jimp
                        last edited by

                        @jimp Could we kick off a build for the 2.8.1-BETA branch, too? 😀

                        jimpJ 1 Reply Last reply Reply Quote 0
                        • jimpJ Offline
                          jimp Rebel Alliance Developer Netgate @tinfoilmatt
                          last edited by

                          @tinfoilmatt said in ACME pkg v1.0:

                          @jimp Could we kick off a build for the 2.8.1-BETA branch, too? 😀

                          It's not beta anymore, so no :-)

                          That process has been on hold while we worked on 25.07.1 so it should be coming along Soon™

                          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                          Need help fast? Netgate Global Support!

                          Do not Chat/PM for help!

                          tinfoilmattT 1 Reply Last reply Reply Quote 0
                          • tinfoilmattT Offline
                            tinfoilmatt @jimp
                            last edited by

                            @jimp True! Thanks for confirming.

                            (How's that trademark registration coming along, btw? Gotta be gettin' close to "®" this far down the road now! 😜)

                            1 Reply Last reply Reply Quote 0
                            • M Offline
                              mcury Rebel Alliance @jimp
                              last edited by

                              @jimp said in ACME pkg v1.0:

                              Check again now. The ACME 1 package came out after the 25.07.1 branch was frozen for the release, I picked it over there now and it should have just finished building.

                              Version 25.07 includes Acme 1.0.
                              Version 25.07.1 includes only Acme 0.9_1.
                              If you do a fresh install of 25.07.1, you get only Acme 0.9_1.
                              If you upgrade to 25.07.1 from 25.07 and had already updated the Acme package to 1.0 in 25.07, you’ll still have Acme 1.0.

                              dead on arrival, nowhere to be found.

                              M 1 Reply Last reply Reply Quote 1
                              • M Offline
                                MoonKnight @mcury
                                last edited by

                                And when you are on version 25.07.1 or 25.07 and then click on the reinstall button for the ACME package. It will downgrade. :)

                                125fc31e-ef4f-4342-b364-48c2b03446c5-image.png

                                --- 25.07.1 ---
                                Intel(R) Xeon(R) CPU D-1518 @ 2.20GHz
                                Kingston DDR4 2666MHz 16GB ECC
                                2 x HyperX Fury SSD 120GB (ZFS-mirror)
                                2 x Intel i210 (ports)
                                4 x Intel i350 (ports)

                                1 Reply Last reply Reply Quote 1
                                • jimpJ Offline
                                  jimp Rebel Alliance Developer Netgate
                                  last edited by

                                  OK, it should be there now if you check one more time. The new package builds for that branch were not completely ready yet, but they are now, and ACME 1.0 is in the 25.07.1 repository.

                                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                  Need help fast? Netgate Global Support!

                                  Do not Chat/PM for help!

                                  johnpozJ GertjanG 2 Replies Last reply Reply Quote 2
                                  • johnpozJ Online
                                    johnpoz LAYER 8 Global Moderator @jimp
                                    last edited by johnpoz

                                    @jimp yeah its there now, see the update available on my 25.07.1 vm

                                    update.jpg

                                    http://192.168.9.34/pkg_mgr_install.php?mode=reinstallpkg&pkg=pfSense-pkg-acme&from=0.9_1&to=1.0
                                    
                                    >>> Setting vital flag on php83...done.
                                    >>> Upgrading pfSense-pkg-acme...
                                    Updating pfSense-core repository catalogue...
                                    pfSense-core repository is up to date.
                                    Updating pfSense repository catalogue...
                                    pfSense repository is up to date.
                                    All repositories are up to date.
                                    The following 1 package(s) will be affected (of 0 checked):
                                    
                                    Installed packages to be UPGRADED:
                                    	pfSense-pkg-acme: 0.9_1 -> 1.0 [pfSense]
                                    
                                    Number of packages to be upgraded: 1
                                    
                                    277 KiB to be downloaded.
                                    [1/1] Fetching pfSense-pkg-acme-1.0.pkg: .......... done
                                    Checking integrity... done (0 conflicting)
                                    [1/1] Upgrading pfSense-pkg-acme from 0.9_1 to 1.0...
                                    [1/1] Extracting pfSense-pkg-acme-1.0: .......... done
                                    Removing acme components...
                                    Menu items... done.
                                    Loading package instructions...
                                    Deinstall commands... done.
                                    Saving updated package information...
                                    overwrite!
                                    Loading package configuration... done.
                                    Configuring package components...
                                    Loading package instructions...
                                    Custom commands...
                                    Executing custom_php_install_command()...done.
                                    Menu items... done.
                                    Writing configuration... done.
                                    >>> Cleaning up cache...done.
                                    Success
                                    
                                    

                                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                                    If you get confused: Listen to the Music Play
                                    Please don't Chat/PM me for help, unless mod related
                                    SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                                    1 Reply Last reply Reply Quote 0
                                    • GertjanG Offline
                                      Gertjan @jimp
                                      last edited by

                                      @jimp

                                      Done.
                                      I was on acme.sh 1.0 (25.07.1) and a downgrade was proposed.
                                      Now, the issue is gone.

                                      No "help me" PM's please. Use the forum, the community will thank you.
                                      Edit : and where are the logs ??

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.