Bug #16894: Let's Encrypt fullchain file is truncated when moving from /tmp/acme to /conf/acme - pfSense Packages - pfSense bugtracker

Actions

Copy link

Bug #16894

open

Let's Encrypt fullchain file is truncated when moving from /tmp/acme to /conf/acme

Added by Ron Bauman about 24 hours ago.

Status:

New

Priority:

Normal

Assignee:

Category:

ACME

Target version:

Start date:

Due date:

% Done:

Estimated time:

Plus Target Version:

Affected Version:

2.8.1

Affected Plus Version:

Affected Architecture:

All

Description

ACME package 1.2. With "Write ACME certificates to /conf/acme/" option selected in General Settings, the [domain].fullchain file in /conf/acme does not contain the Root YR cert. The cert is present in the fullchain.cer file found in /tmp/acme after the domain cert is issued from Let's Encrypt. If the [domain].fullchain file is subsequently used by an application on a server where the Root YR certificate is not in its list of CA certs, application authentication can fail.

A description of the problem and the current workaround: https://forum.netgate.com/topic/200786/certificate-chain-causing-application-authentication-failure.

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Packages

Custom queries

Bug #16894

Let's Encrypt fullchain file is truncated when moving from /tmp/acme to /conf/acme