Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FYI - ACME on 2.3.x

    Scheduled Pinned Locked Moved ACME
    1 Posts 1 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • jimpJ
      jimp Rebel Alliance Developer Netgate
      last edited by jimp

      Anyone who is still for whatever reason running pfSense 2.3.x and using ACME, be aware that changes at Let's Encrypt have stopped allowing the very old version of acme.sh running on pfSense 2.3.x to function. You will receive an error to the effect that it cannot obtain a new nonce and the renew (or issue) will fail.

      [Mon Oct 28 09:12:45 EDT 2019] Could not get nonce, let's try again.
[Mon Oct 28 09:12:47 EDT 2019] Registered
[Mon Oct 28 09:12:47 EDT 2019] Can not find account id url.

      The changes happened very recently, so expect more and more certificate operations to fail over the next few months until eventually the certificates all expire as they cannot be renewed by the 2.3.x package.

      As 2.3.x is EOL there will be no update to address this.

      While it may be possible to copy back code from the current version manually (with adjustments for things lacking on 2.3.x), if you insist on staying on 2.3.x, that is an exercise left for the reader.

      For the best experience, update to the most recent supported version of pfSense (2.4.4-p3 as of this writing) and the latest version of the ACME package.

      Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

      Need help fast? Netgate Global Support!

      Do not Chat/PM for help!

      1 Reply Last reply Reply Quote 0
      • jimpJ jimp unpinned this topic on
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.