Skip to content

Resource: proxmox_acme_certificate

Manages ACME SSL certificates for Proxmox VE nodes.

This resource orders and renews certificates from an ACME Certificate Authority (like Let's Encrypt) for a specific node. Before using this resource, ensure that: - An ACME account is configured (using proxmox_acme_account) - DNS plugins are configured if using DNS-01 challenge (using proxmox_acme_dns_plugin)

Schema

Required

  • account (String) The ACME account name to use for ordering the certificate.
  • domains (Attributes List) The list of domains to include in the certificate. At least one domain is required. (see below for nested schema)
  • node_name (String) The name of the Proxmox VE node for which to order/manage the ACME certificate.

Optional

  • force (Boolean) Force certificate renewal even if the certificate is not due for renewal yet. Setting this to true will trigger a new certificate order on every apply.

Read-Only

  • certificate (String) The PEM-encoded certificate data.
  • fingerprint (String) The certificate fingerprint.
  • id (String) The unique identifier of this resource.
  • issuer (String) The certificate issuer.
  • not_after (String) The certificate expiration timestamp.
  • not_before (String) The certificate start timestamp.
  • subject (String) The certificate subject.
  • subject_alternative_names (List of String) The certificate subject alternative names (SANs).

Nested Schema for domains

Required:

  • domain (String) The domain name to include in the certificate.

Optional:

  • alias (String) An optional alias domain for DNS validation. This allows you to validate the domain using a different domain's DNS records.
  • plugin (String) The DNS plugin to use for DNS-01 challenge validation. If not specified, the standalone HTTP-01 challenge will be used.