Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Using own Cert CA, possible to point unraid admin to that rather than LE?

Featured Replies

Hi

 

I am using my own internal cert CA with acme and would prefer to point my unraid servers certs to that url rather than that of Letsencrypt.

 

Is it possible to edit unraid files to change that url, if so, which ones and will it get overwritten on each update?

 

Edit: If I am able to edit the url LE using to get its certs, that should be all I need.

 

Thanks in advance.

Edited by local.bin

The answer is in the Help for the 'Use SSL/TLS' setting on Settings/Management Settings:

 

Quote

nginx certificate handling details

The nginx startup script looks for a SSL certificate on the USB boot flash in this order:
config/ssl/certs/certficate_bundle.pem
config/ssl/certs/<server-name>_unraid_bundle.pem

If neither file exists, a self-signed SSL certificate is automatically created and stored in
config/ssl/certs/<server-name>_unraid_bundle.pem

Provisioning a Let's Encrypt certificate writes the certificate to
config/ssl/certs/certficate_bundle.pem

nginx stapling support

Whether nginx enables OCSP Staping is determined by which certificate is in use:
config/ssl/certs/certficate_bundle.pem => Yes
config/ssl/certs/<server-name>_unraid_bundle.pem => No

 

To use your own certificate you are going to put it on the flash in config/ssl/certs directory.  What you name the file depends on whether Stapling should be enabled.  Note that the pem file is called a 'bundle' and consists of the concatenation of the certificate followed by the private key.  You can look at /etc/rc.d/rc.nginx and see how it's handled.

 

  • Author
3 hours ago, limetech said:

The answer is in the Help for the 'Use SSL/TLS' setting on Settings/Management Settings:

 

 

To use your own certificate you are going to put it on the flash in config/ssl/certs directory.  What you name the file depends on whether Stapling should be enabled.  Note that the pem file is called a 'bundle' and consists of the concatenation of the certificate followed by the private key.  You can look at /etc/rc.d/rc.nginx and see how it's handled.

 

Hi there

 

Thanks for the response, but that was not what I was asking :)

 

I had read the help and it is a manual process, where I am asking if the LE url you use for automatically getting LE certs can be replaced.

 

See here -> https://letsencrypt.org/docs/staging-environment/

 

Replacing this url -> https://acme-staging-v02.api.letsencrypt.org/directory

 

With my acme server, I can create my certs from my own CA.

Ok, that makes more sense.  If you want that capability, we would ask that you open a feature request in the appropriate forum.  That isn't current functionality (nor planned) at this point, so it'd have to go through the process.  The workaround Tom mentioned previously is still valid for the meantime.

  • Author
56 minutes ago, jonp said:

Ok, that makes more sense.  If you want that capability, we would ask that you open a feature request in the appropriate forum.  That isn't current functionality (nor planned) at this point, so it'd have to go through the process.  The workaround Tom mentioned previously is still valid for the meantime.

Ok thanks.

 

I was more hoping I could manually edit the LE url in the code to create my certs, as judging by the lack of responses here, it wouldn't be a popular feature request.

 

I will look for a puppet plugin or similar that allows me to populate my unraid servers certs automatically rather than having to manually create and maintain their certs :)

 

Thanks for both for your inputs.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.