Closed Xon closed 6 years ago
I believe it is expecting the full cert/key to be included there. You could do something like this:
linode-cli nodebalancers config-update 123 123 --port 443 --ssl_cert "$(cat /etc/letsencrypt/live/forums.spacebattles.com/fullchain.pem)" --ssl_key "$(cat /etc/letsencrypt/live/forums.spacebattles.com/privkey.pem)"
I'll look into adding the ability to specify files as input to the spec/CLI shortly.
This change was release in version 2.0.6 - let me know if it's working as you expect. I believe your original command should work now.
@Dorthu the 2.0.6 CLI works in that it pushes the SSL update, but the API appears to not be handling it correctly.
Pushing a let's encrypt cert+key results in SSL failing until it is updated via the legacy manager's node balancer webpage.
Sorry I missed this - I'm going to look into it today and see if I can figure out what's going on.
To clarify, you're creating a cert/key with LetsEncrypt and then uploading them to the NodeBalancer? Is it the same cert/key you're using in the legacy manager?
Yes, should be the same content. (cat'ing the files to console then copy & pasting)
Only thing that might change is end-line type on copy & pasting and trailing whitespace into the legacy manager vs the files on disk via the CLI.
I can reproduce this issue, we're looking into it now - I'll update you when I have more info
After looking into this for a while, I believe it to be an error in the API. I've created an issue for it in our internal issue tracker and will report back when it's been resolved. Thank you for your patience!
Really sorry this took so long - the API bug turned out to be very difficult to unwind. I just shipped the fix - this should work now. Please let me know if it does, and if you have any other issues. Thank you again for your patience!
@Dorthu yup, looks fixed now. The update script no longer kicks my site offline.
When attempting to use the rewritten CLI, there doesn't appear to be any documentation on what the SSL cert & key arguments should look like.
Returns: