diff --git a/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/settings.xml b/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/settings.xml
index 8f5debb9d..d6f30156f 100644
--- a/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/settings.xml
+++ b/security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/forms/settings.xml
@@ -37,4 +37,11 @@
true
+
+ acmeclient.settings.logLevel
+
+ dropdown
+
+ true
+
diff --git a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
index da8ba20ec..fb4407378 100644
--- a/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
+++ b/security/acme-client/src/opnsense/mvc/app/models/OPNsense/AcmeClient/AcmeClient.xml
@@ -1,7 +1,7 @@
//OPNsense/AcmeClient
- 1.0.0
+ 1.1.0
a secure Let's Encrypt plugin
@@ -101,6 +101,15 @@
N
N
+
+ Y
+ normal
+
+ normal
+ extended
+ debug
+
+
diff --git a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
index 8fadfe68b..dfbb5674d 100755
--- a/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
+++ b/security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/certhelper.php
@@ -286,12 +286,18 @@ function eval_optional_acme_args()
$configObj = Config::getInstance()->object();
$acme_args = array();
+
// Force certificate renewal?
$acme_args[] = isset($options["F"]) ? "--force" : null;
+
// Use LE staging environment?
$acme_args[] = $configObj->OPNsense->AcmeClient->settings->environment == "stg" ? "--staging" : null;
$acme_args[] = isset($options["S"]) ? "--staging" : null; // for debug purpose
+ // Set log level
+ $acme_args[] = $configObj->OPNsense->AcmeClient->settings->logLevel == "normal" ? "--log-level 1" : "--log-level 2";
+ $acme_args[] = $configObj->OPNsense->AcmeClient->settings->logLevel == "debug" ? "--debug" : null;
+
// Remove empty and duplicate elements from array
return(array_unique(array_filter($acme_args)));
}
@@ -390,7 +396,6 @@ function run_acme_account_registration($acctObj, $certObj, $modelObj)
$acmecmd = "/usr/local/sbin/acme.sh "
. implode(" ", $acme_args) . " "
. "--registeraccount "
- . "--log-level 2 "
. "--home /var/etc/acme-client/home "
. "--accountconf " . $account_conf_file;
//echo "DEBUG: executing command: " . $acmecmd . "\n";
@@ -739,7 +744,6 @@ function run_acme_validation($certObj, $valObj, $acctObj)
. "--domain " . (string)$certObj->name . " "
. $altnames
. $acme_validation . " "
- . "--log-level 2 "
. "--home /var/etc/acme-client/home "
. "--keylength 4096 "
. "--accountconf " . $account_conf_file . " "
@@ -804,7 +808,6 @@ function revoke_cert($certObj, $valObj, $acctObj)
. implode(" ", $acme_args) . " "
. "--revoke "
. "--domain " . (string)$certObj->name . " "
- . "--log-level 2 "
. "--home /var/etc/acme-client/home "
. "--keylength 4096 "
. "--accountconf " . $account_conf_file;