danioj Posted November 10, 2023 Share Posted November 10, 2023 Hi All, I have been using the Linuxserver.io swag container for many years now. I use this to generate a wildcard certificate for my custom domain via LetsEncrypt (LE) and it works great. Since Apple have recently amended the Safari autofill feature on IOS to only do so if you are accessing a website via HTTPS it is forcing me to enable this on my LAN services. Basically I use unbound within pfsense to hostoveride access to my app.domain.etc (within my LAN) and take me to the internal IP of my LAN services. Anyway, I digress. I have been able to get this working and install my wildcard certifate for every LAN service except unRAID. That's because what unraid is asking for is slightly different to everyone else. unRAID is asking for a bundle file. Swag only produces these files (I believe it used to create a bundle file but it doesn't seem to anymore): cert.pem chain.pem fullchain.pem privkey.pem README None of these appear to be the bundle file that unRAID is looking for. When I open the file that unRAID has there there are more cert's in there than any single file generated above. My Google Fu seems to suggest that a bundle file is some combination of these files but there is so much LE information out there Im finding it hard to figure it out. It also doesn't help that there so many different names for the same thing, things changing over time and even file names don't seem to be named what they are commonly referred to. So I turn to you good community, can you help me figure out how I generate the bundle file that unRAID is after from the files that LE certbot generates when producing / renewing keys? Thank you! D Quote Link to comment
danioj Posted November 11, 2023 Author Share Posted November 11, 2023 (edited) Bump. Any forum or web links to some possibly relevant information would be helpful. Edited November 11, 2023 by danioj Quote Link to comment
StevenD Posted November 11, 2023 Share Posted November 11, 2023 Combine them in a single file in this order: private cert fullchain Config unraid with that single file. Quote Link to comment
MaxiWheat Posted March 2 Share Posted March 2 Any follow up on this ? I plan to do something similar for the same reason as OP, since Apple requires https for autofill. I would like to use my own domain too. Has previous method worked for combining files ? Quote Link to comment
digilink Posted April 8 Share Posted April 8 I have the same setup as OP, and faced the same issue. I did discover that SWAG does provide a bundle file, and was able to import my custom Let’s Encrypt wildcard cert no problem. I use Ansible to manage all of my servers so I wrote a small playbook that will install the cert: https://github.com/digilink/unraid-ansible/blob/main/add_unraid_cert.yaml My particular setup allows me to retrieve certs via an htaccess protected directory on the SWAG instance itself. Hope this helps someone. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.