I am having an odd issue where it seems acme-client is failing to run correctly due to /etc/ssl/cert.pem missing: # acme-client -vNn foo.bar.com acme-client: /usr/local/etc/acme/privkey.pem: account key exists (not creating) acme-client: /usr/local/etc/ssl/acme/private/privkey.pem: domain key exists (not creating) acme-client: /etc/ssl/cert.pem: No such file or directory acme-client: bad exit: netproc(2515): 1 I've followed the man page pretty closely, and I have installed LibreSSL on this system as well. I've not been able to find any reference to having to create a cert.pem file before running acme-client. Hopefully this is pebkac, but if not I'd like to help debug/test. Cheers! OS Rel Info: $ uname -ar FreeBSD webster 11.0-RELEASE-p2 FreeBSD 11.0-RELEASE-p2 #0: Mon Oct 24 06:55:27 UTC 2016 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 Pkg Info: $ pkg info acme-client acme-client-0.1.15 Name : acme-client Version : 0.1.15
What does: pkg query '%Ok=%Ov' ca_root_nss give you?
(In reply to Melvyn Sopacua from comment #1) Ah - that was the hint I needed. After installing the ca_root_nss package the acme-client binary seems to be working as expected. Would it be advisable to add a dependency for ca_root_nss to acme-client, or perhaps add a message after installation that you'll need to have valid certs on your system? Thanks!
A commit references this bug: Author: brnrd Date: Sun Mar 26 10:47:45 UTC 2017 New revision: 436954 URL: https://svnweb.freebsd.org/changeset/ports/436954 Log: security/acme-client: Add run-time dep on ca_root_nss - acme-client fails at runtime if CA roots not installed PR: 215722 Reported by: pete@nomadlogic.org Changes: head/security/acme-client/Makefile