I actually didn’t went with my initial approach. I just handled all SSL in nginx and terminated there. As for local ISO upload, I found the secstorage ssl domain config and pointed it to my nginx proxy and seems to work fine.
Thanks for the inputs. — Travis > On May 18, 2022, at 3:39 PM, Nux <[email protected]> wrote: > > You should be able to run certbot on the management server for example, or > anywhere else really (if you go for the wildcard) and then once you get your > certificate files to install them in your Cloudstack via cloudmonkey. > You can check this article for an example: > https://www.shapeblue.com/securing-cloudstack-4-11-with-https-tls/ > (search for cloudmonkey upload customcertificate) > > --- > Nux > www.nux.ro > > On 2022-05-17 22:26, Ricardo Pertuz wrote: >> Is there anyway to automate this with certbot or similar? >> On 16/05/22, 9:44 AM, "Wei ZHOU" <[email protected]> wrote: >> Hi Travis, >> Please try the following: >> Root certificate: chain.pem >> Server certificate: cert.pem >> Private certificate: privkey.pem >> -Wei >> On Monday, 16 May 2022, Travis Romero <[email protected]> >> wrote: >> > Hi, >> > >> > I have a valid SSL cert from letsencrypt for my domain and I wanted to >> use >> > as the SSL cert for my Cloudstack ( in Infrastructure -> Summary -> SSL >> > Cert). Which file is which? I have the following files from letsencrypt: >> > cert.pem, chain.pem, fullchain.pem, privkey.pem. Which should I use for >> > Root certificate, Server certificate, PKCS#8 Private certificate. >> > >> > — >> > Travis >> > >> >
