Any one managed to get letsencrypt working for the API cert on a seperate server?
Getting the cert generated etc works well.
but when running on a separate portal server it seems like powershell doesn't play ball with changing the API cert this still seems to be a manual process.
I'll note however works fine when portal / vbo server is combined.
-
badabing888
- Service Provider
- Posts: 85
- Liked: 11 times
- Joined: Jul 17, 2017 12:37 pm
- Contact:
-
jorgedlcruz
- Veeam Software
- Posts: 1493
- Liked: 655 times
- Joined: Jul 17, 2015 6:54 pm
- Full Name: Jorge de la Cruz
- Contact:
Re: Using Lets Encrypt Certs
Hello,
I have tried combined and all worked well. Sounds like a bug, but can not confirm. Can you please open a quick support ticket to investigate further?
When you mention, PowerShell, what part are you automating or trying with PowerShell? The push of the cert? Mind to share that last part?
Thanks!
I have tried combined and all worked well. Sounds like a bug, but can not confirm. Can you please open a quick support ticket to investigate further?
When you mention, PowerShell, what part are you automating or trying with PowerShell? The push of the cert? Mind to share that last part?
Thanks!
Jorge de la Cruz
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
-
badabing888
- Service Provider
- Posts: 85
- Liked: 11 times
- Joined: Jul 17, 2017 12:37 pm
- Contact:
Re: Using Lets Encrypt Certs
Hi,
Thanks ive opened a support case 05419412
We are trying to automate applying the LE cert to the rest API which sits on a separate server. If the restAPI is working off the main VBO server it works as expected.
We are using
https://helpcenter.veeam.com/docs/vbo36 ... tml?ver=60
Set-VBORestAPISettings -EnableService -AuthTokenLifeTime 4800 -CertificateFilePath "C:\abc\LEcert.pfx" -CertificatePassword password
No connection attempt could be made with target machine -> this is local machine running the api / restore portal
Seems like when the the restore portal is sitting on a seperate server its not listening allowing connections to port 9191 which is where this command is trying to push the cert to
Thanks ive opened a support case 05419412
We are trying to automate applying the LE cert to the rest API which sits on a separate server. If the restAPI is working off the main VBO server it works as expected.
We are using
https://helpcenter.veeam.com/docs/vbo36 ... tml?ver=60
Set-VBORestAPISettings -EnableService -AuthTokenLifeTime 4800 -CertificateFilePath "C:\abc\LEcert.pfx" -CertificatePassword password
No connection attempt could be made with target machine -> this is local machine running the api / restore portal
Seems like when the the restore portal is sitting on a seperate server its not listening allowing connections to port 9191 which is where this command is trying to push the cert to
-
jorgedlcruz
- Veeam Software
- Posts: 1493
- Liked: 655 times
- Joined: Jul 17, 2015 6:54 pm
- Full Name: Jorge de la Cruz
- Contact:
Re: Using Lets Encrypt Certs
Great catch, we will try to reproduce on our labs, and if there is a bug will come back with the bug number.
Thank you so much
Thank you so much
Jorge de la Cruz
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
-
badabing888
- Service Provider
- Posts: 85
- Liked: 11 times
- Joined: Jul 17, 2017 12:37 pm
- Contact:
Re: Using Lets Encrypt Certs
Hi Jorge,
Have you terminate the SSL using letencrypt for the portal server on a proxy that sits in front of the server i.e like HAproxy is this possible? Or is SSL passthrough the only option?
Have you terminate the SSL using letencrypt for the portal server on a proxy that sits in front of the server i.e like HAproxy is this possible? Or is SSL passthrough the only option?
-
jorgedlcruz
- Veeam Software
- Posts: 1493
- Liked: 655 times
- Joined: Jul 17, 2015 6:54 pm
- Full Name: Jorge de la Cruz
- Contact:
Re: Using Lets Encrypt Certs
Hello,
I have not played with that on my side. But let me ask to see if this is possible.
Thanks!
I have not played with that on my side. But let me ask to see if this is possible.
Thanks!
Jorge de la Cruz
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
-
chrtho1
- Service Provider
- Posts: 2
- Liked: never
- Joined: Aug 26, 2011 5:35 am
- Full Name: Christopher Thomsen
- Location: Bergen, Norway
- Contact:
Re: Using Lets Encrypt Certs
any updates to this?
would be sweet to be able to use LE certificates - set and forget
/Chris
would be sweet to be able to use LE certificates - set and forget
/Chris
-
jorgedlcruz
- Veeam Software
- Posts: 1493
- Liked: 655 times
- Joined: Jul 17, 2015 6:54 pm
- Full Name: Jorge de la Cruz
- Contact:
Re: Using Lets Encrypt Certs
Hello Chris,
You are trying the same behavior, right? Pushing an SSL Cert, LE or not, to a separate node that has the API/portal, is this correct?
Have you perhaps opened a support case we can track as well?
You are trying the same behavior, right? Pushing an SSL Cert, LE or not, to a separate node that has the API/portal, is this correct?
Have you perhaps opened a support case we can track as well?
Jorge de la Cruz
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
Senior Product Manager | Veeam ONE @ Veeam Software
@jorgedlcruz
https://www.jorgedelacruz.es / https://jorgedelacruz.uk
vExpert 2014-2024 / InfluxAce / Grafana Champion
Who is online
Users browsing this forum: No registered users and 17 guests