[Feature Request] Automatic SSL/TLS certificates for Object Storage ("Let's Encrypt")

I was pleasantly surprised to discover that Linode now supports custom SSL/TLS certificates for Object Storage, however this still requires manually obtaining and deploying a certificate to use.

It would be fantastic if Linode provided the option of automatically provisioning certificates via Let's Encrypt.

While it is possible to manually configure Let's Encrypt certificates, they typically require renewal every 90 days. This could certainly be automated using the Linode API, but it seems like it would be a useful feature for many users.

Thanks!

[Edit] If anyone is interested, I've written a small ACME client for provisioning Let's Encrypt certificiates on Linode Object Storage: https://github.com/dcoles/acme-linode-objectstorage

12 Replies

Hi @dcoles

We appreciate you taking the time out to provide us with this feedback and feature request. I've passed this information along to our team to review, and have added your feature request to our internal tracker. While I cannot comment on if or when this feature will be implemented, we do take our customers feedback seriously, and are always looking for ways to improve our customers experience on our platform.

If anyone is interested, I've written a small ACME client for provisioning Let's Encrypt certificiates on Linode Object Storage: https://github.com/dcoles/acme-linode-objectstorage

Do we have any updates on this feature request? It will be best if this can be implemented the soonest time.

+1, this would be great feature, I think DigitalOcean already supported it

Thanks everyone for adding your voices to this feature request. We don't have an update to provide at this time, but I'll make sure to add each of your requests to our internal tracker.

@dcoles I am facing issue with upload images to object storage and I think it is because of certificate. Please check this post: https://www.linode.com/community/questions/21684/hostnameip-does-not-match-certificates-altnames-host

I tried what you mentioned in readme file here: https://github.com/dcoles/acme-linode-objectstorage

py -m acme_linode_objectstorage -k account_key.pem mybucket-Name --cluster region --agree-to-terms-of-service


I tried above command but it is saying no matching bucket found any idea why so? What am I missing?

It would be extremely helpful for us if we could automatically upload our SSL cert for our object bucket. Right now I have to remember to do it before our LetsEncrypt cert expires---and as it is I tend to get reminded just after expiry rather than before…

+1

Would be very grateful for seeing this implemented in some way.

+1 saves wasting time on a commodity service

It is possible now to update object storage certs programatically. The API supports it:

  1. Create an API token.

  2. Delete the old cert pair: https://techdocs.akamai.com/linode-api/reference/delete-object-storage-ssl

  3. Post the new cert pair: https://techdocs.akamai.com/linode-api/reference/post-object-storage-ssl

I used curl to do this in a shell script, which I'm having cron run once per quarter after certbot renews my letsencrypt cert.

@uckelman Yes, that's one of the APIs I use in acme-linode-objectstorage tool.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct