Since the Broadcom’s announcement about changing the licensing for VMware vSphere products and discarding the free Hypervisor license, there has been a massive uptake for other virtualization platforms. Also in my own systems, where I reinstalled the ESXi hosts as Proxmox Virtual Environment (PVE) nodes, and imported the existing virtual machines in the new platform.
One of my first configuration tasks for a new PVE node is to set a trusted TLS certificate. In PVE there is built-in support for renewing the node certificates using the ACME protocol and DNS-based verification, to avoid using untrusted self-signed certificates.
Currently there is no built-in support for Hurricane Electric’s dynamic DNS records though, so I wrote my own plugin to renew all the PVE node certificates automatically. It can be downloaded from my GitHub repository: