Missing cert.pem and chain.pem

[yancheva]

rancher-letsencrypt v0.4.0 with the HTTP challenge generates the following files:

• fullchain.pem
• privkey.pem
• metadata.json

However, apache < 2.4.8 requires cert.pem and chain.pem for the SSLCertificateFile and SSLCertificateChainFile directives respectively: https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatefile.

While rancher-letsencrypt doesn't provide these files (also mentioned in #35), the letsencrypt documentation states that letsencrypt does generate these files: http://letsencrypt.readthedocs.io/en/latest/using.html#where-are-my-certificates (also: https://community.letsencrypt.org/t/can-i-make-letsencrypt-auto-output-chain-pem-and-cert-pem-instead-of-fullchain-pem/14131).

Is there any way to access the cert.pem and chain.pem files using rancher-letsencrypt?

[cloudlady911]

If you mount a volume like so: /path/to/folder:/etc/letsencrypt, then then letsencrypt will make a folder structure like production/certs/certname. The fullchain.pem and privkey.pem files will be available there. There is also a metadata.json file but I don't know what that files is for.

Hope that helps.

[radeno]

Same issue opened before this #35
cert.pem is required for OCSP Stapling. I dont know why is not stored when is available.
This package should save all files to filesystem and also into Rancher certificate storage, there is field for Root chain.

[pironic]

@janeczku any chance you could help us out? I am hoping that we can use rancher to generate the certificate which i will then use for non-standard ports by the container itself. Being able to present the certificate to the app directly is required. :( need my cert.pem.