Hi,
I'm using w/ great satisfaction traefik a+ Let's Encrypt with cert requests and pubic ip. I know there's also dns challanege but our main dns does not have api so it's not yet an option.
I need to migrate ngnix sites that already have a certificate valid and I'd like to use those sites in the test phase (where the setup/ip is not yet public).
Is there a way to build acme.json starting from already working certificates?
TIA
sandro
Are these already using LetsEncrypt? Maybe do a force-renew so you have additional time for testing/cutover.
When I did this I just took the certificates themselves and created a tls.certificate entry in a file provider.
Before expiry of certificates I updated the routers to use the LetsEncrypt certificate resolver.
Ok, I found the format of the acme.json so I'll do the scripting to translate between the 2 formats. I prepare to use acme.json directly, so I don't have to get back later and change.
I believe this format changed between v1 and v2.
It was referenced in a previous post I canot find at this minute.
But acme is explicitly mentioned in the traefik-migration-tool
I managed to create acme info starting from the nginx certificate (and viceversa) in a pretty simple way. The difference with the old format seems to be just an added key: value "Store": "default".
In Python the simple lines of code are:
def file2base64(filename):
return base64.b64encode(open(filename, 'rb').read())
OutputDict = {
"domain": {
"main": domain,
"sans": alternative_names
},
"certificate": file2base64(cert),
"key": file2base64(key),
"Store": 'default',
}
print(json.dumps(OutputDict, indent=4))