Let's Encrypt Cert via ACME ask for oathtool (PFSende 2.8)
-
Hi,
i want to create LE Cert for my PFSense 2.8.
I use INWX DNSI get following error Message:
Please install oathtool to use 2 Factor Authentication.I could not find any pkg for oathtool.
What would be the solution?
Or other recommended best practice for this situation?kr
Mike -
@gorkrul said in Let's Encrypt Cert via ACME ask for oathtool (PFSende 2.8):
I use INWX DNS
acme.sh told me this : https://github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_inwx
which seems to correspond with :
-
Totally agree with your Gertjan,
Excatly what i did set-up!
But for my understanding, the PFSense is missing the oathtool package. So it won't work.
See error message:
Please install oathtool to use 2 Factor Authentication.
so, what could be the solution then?
or what other best practice recommended?kr
Mike -
@gorkrul said in Let's Encrypt Cert via ACME ask for oathtool (PFSende 2.8):
so, what could be the solution then?
or what other best practice recommended?acme.sh uses a 'scripted' or 'automated' login against 'INWX'. If an 2FA is needed to passs through, then, afaik, you can't use that access - acme.sh won't be able to grab your phone and copy over the challenge code.
I'm not a 'INWX' (dono what/who that is to be honest) but I advise you to go to their support (foruim, FAQ, etc) and xheck how other, using 'INWX', set their acme.sh.
Their support page said : https://www.inwx.com/en/offer/api where acme.sh is mentioned as 'possible'.
here is a list with open issues with INXW : https://github.com/acmesh-official/acme.sh/issues?q=is%3Aissue%20state%3Aopen%20INWX - maybe yours is there also ?
My pretty broken advise would be : stop 2FA ....
