I've setup Cerwarden with docker and a manual install and tried to add a Certificate with the DNS Challange. When starting the Certificate request in the GUI I can find the following error in the Log:

11/25/2024, 9:45:29 PM, error, dns01acmesh/resources.go:27, acme.sh dns create script error: exit status 1
11/25/2024, 9:45:29 PM, error, dns01acmesh/resources.go:24, acme.sh dns create script std err: [Mon Nov 25 09:45:29 PM CET 2024] config file is empty, can not save SAVED_IONOS_PREFIX=PREFIX
[Mon Nov 25 09:45:29 PM CET 2024] config file is empty, can not clear
[Mon Nov 25 09:45:29 PM CET 2024] config file is empty, can not save SAVED_IONOS_SECRET=SECRET
[Mon Nov 25 09:45:29 PM CET 2024] config file is empty, can not clear
./scripts/acme.sh/temp/acme.sh_dns_ionos.sh: line 8117: : No such file or directory
grep: : No such file or directory

calling the script manually from the CLI with the Secret and Prefix set as enviroment variables yields a usable certificate.

Challanger Config:
challenges:
providers:
dns_01_acme_sh:
- domains:
- '*'
acme_sh_path: ./scripts/acme.sh
environment:
- IONOS_PREFIX="PREFIX"
- IONOS_SECRET="SECRET"
dns_hook: dns_ionos

The prefix and secret have obviously been replaced by me. Docker and Installtion have been run with the root user

Am I missing an obvious config or do I have to change Permissions?

Have you tried go-acme le-go ? It appears to also support IONOS. The acme.sh method is kind of a shoe horned method that I implemented prior to adding the le-go option.

Thanks for the Support, I was able to get the Certs with go-acme le-go. Thank you for a great piece of software!

Wen I try to ues the Cert for the Certwarden Service I cant connect with https and find the following error in the log:
certwarden | 2024/11/26 14:52:39 http: panic serving 192.168.178.240:55408: runtime error: invalid memory address or nil pointer dereference
certwarden | goroutine 127 [running]:
certwarden | net/http.(conn).serve.func1()
certwarden | /usr/local/go/src/net/http/server.go:1898 +0xbe
certwarden | panic({0x31eaf80?, 0x64fd6f0?})
certwarden | /usr/local/go/src/runtime/panic.go:770 +0x132
certwarden | certwarden-backend/pkg/datatypes/safecert.(SafeCert).Read(0xc0017e2c01?)
certwarden | /src/pkg/datatypes/safecert/safecert.go:56 +0x82
certwarden | certwarden-backend/pkg/domain/app.run.(Application).tlsConf.(SafeCert).TlsCertFunc.func9(0x2?)
certwarden | /src/pkg/datatypes/safecert/safecert.go:44 +0x17
certwarden | crypto/tls.(Config).getCertificate(0xc00187c340, 0xc00136d450)
certwarden | /usr/local/go/src/crypto/tls/common.go:1126 +0x4a
certwarden | crypto/tls.(serverHandshakeStateTLS13).pickCertificate(0xc00194f850)
certwarden | /usr/local/go/src/crypto/tls/handshake_server_tls13.go:442 +0x2fd
certwarden | crypto/tls.(serverHandshakeStateTLS13).handshake(0xc00194f850)
certwarden | /usr/local/go/src/crypto/tls/handshake_server_tls13.go:59 +0x53
certwarden | crypto/tls.(Conn).serverHandshake(0xc0001e8e08, {0x405a260, 0xc001031ae0})
certwarden | /usr/local/go/src/crypto/tls/handshake_server.go:53 +0x16a
certwarden | crypto/tls.(Conn).handshakeContext(0xc0001e8e08, {0x405a228, 0xc001b833e0})
certwarden | /usr/local/go/src/crypto/tls/conn.go:1553 +0x3cb
certwarden | crypto/tls.(Conn).HandshakeContext(...)
certwarden | /usr/local/go/src/crypto/tls/conn.go:1493
certwarden | net/http.(conn).serve(0xc000fc4f30, {0x405a228, 0xc0001bd080})
certwarden | /usr/local/go/src/net/http/server.go:1921 +0xe85
certwarden | created by net/http.(Server).Serve in goroutine 80
certwarden | /usr/local/go/src/net/http/server.go:3285 +0x4b4

Powered by: FreeFlarum.
(remove this footer)