ssl cert

  1. ACME client wrongly treats IP address as DNS name in CSR generation

    I'm using PVE's ACME client to get a certiifcate from my ACME server. I added two names: "domain.com" and "172.16.0.1" in the control panel. The certificate I finally got has its Subject Alternative Name = "DNS:domain.com,DNS:172.16.0.1". It's invalid. It should be...
  2. Self sign certs got ERR_SSL_KEY_USAGE_INCOMPATIBLE

    Hello, And: I'm using lastest PVE cluster. Then, I create my own Root-CA, Middle-CA, Server Cert. After upload, Chrome show "ERR_SSL_KEY_USAGE_INCOMPATIBLE" and "thisisunsafe" not working. But with nginx, Chrome can accept the cert. So as far as I know, Chrome is very picky with ssl cipher...
  3. Browser Certificate - Apology for Asking

    Hello, I am embarrassed asking this... but having tried for a long time and having read loads of sites and posts I am no closer. I have the usual browser is not secure when accessing my Proxmox server... My setup... I use Kubuntu 22.04 as my PC with Brave Browser. I've read this page...
  4. [SOLVED] Weboberfläche nach Update nicht erreichbar

    Moin, unser Proxmox server ist nach Update per Weboberfläche nicht mehr erreichbar. Per ssh bringt systemctl status pve* folgenden Output: Unit pve-root-ca.pem.service could not be found. Unit pve-ssl.key.service could not be found. Unit pve-ssl.pem.service could not be found. Zertifikate...
  5. [SOLVED] when running systemctl status pve-daily-update shows inactive (DEAD) ?

    Hello, wondering if this is normal activity for pve-daily-update I am using PVE latest proxmox-ve: 7.2-1 (running kernel: 5.15.35-1-pve) pve-manager: 7.2-3 (running version: 7.2-3/c743d6c1) pve-kernel-5.15: 7.2-3 pve-kernel-helper: 7.2-3 pve-kernel-5.13: 7.1-9 pve-kernel-5.4: 6.4-11...
  6. [SOLVED] Cannot Remove Non-Existent ACME Server

    Hey All, I love the new ACME certificate feature available in PVE 6/7. I created an internal ACME server, and tested it using one of our PVE7 servers. After some infrastructure changes occurred, the ACME server was moved to a new hostname, for example, `acme.example-a.com` ->...
  7. Feature requests for PBS

    Loving PBS but it would great to see the following added as standard so that it's more inline with PVE. I wondered if the below was on the roadmap for the future and if anyone else might find these useful: Firewall management (like PVE) Whilst I know I can use IPTABLES for the firewall element...
  8. Ansible 'Operation not permitted' copying ssl keys directly

    I've got as far as working out that /etc/pve is a fuse mount and that I should use the gui to replace the certs (although it would be nice to automate this) So, more for my leaning, is there a better way to copy these into place through ansible that I'm missing please? Or what am I missing here...
  9. How to setup ssl for pbs?

    I get a ssl certificate error on login to a newly installed pbs backup server. Added a new DDNS name on dynu.net added this to pve acme setup and can order both certificates for pve (which works fine via https) and new for pbs. I don’t know how to setup it on actual pbs server. Any clues are...
  10. Obtain LetsEncrypt TXT Record from pvenode?

    Is there a way through SSH to obtain the TXT record from LetsEncrypt such that I could initially configure LE SSL certs within a node and then simply make a renewal request through the GUI? Thus, the auto renewal of SSL certs would work going forward? I ask as I've yet to find a workaround...
  11. Kein Zugriff auf die WebGUI nach Import eines SSL-Zertifikates erstellt durch OpenSSL

    Hallo, ich glaube ich habe irgendeinen Fehler beim Import eines Selbst erstellten SSL-Zertifikats gemacht.. Ich betreibe einen Cluster aus drei Nodes und auf dem ersten Node habe ich das Zertifikat, was ich über OpenSSL erstellt habe, hochgeladen. Nachdem es Hochgeladen wurde, kann ich die...
  12. Certificate verification failed on vms

    Hi everyone, I've just installed proxmox ve 5.4-13 on vps with two vms behind. One regular and a Firewall. both vm have netwotrk connectivity (ping test ok). But .. when I'm trying to make an update (gui and cli for Firewall) I always have an ssl error saying "certificate verification failed"...
  13. ProxMox SSL Setup Not Working

    Hey Guys, I am very new to proxmox, So please excuse the ignorance. I have been looking around but found no answer, Hopefully there's one here ;). I have setup a proxmox clustere with an additional node, But if I try to do anything through the cluster, it says communication error because...
  14. proxmox GUI cannot access after upload external SSL

    hi, i'm using Proxmox VE 5. i try upload ssl from geotrust. after upload private key and intermediate key, i can't access proxmox GUI. please help.
  15. [SOLVED] Ghost files in PVE cluster FS

    Hi, I'm running a freshly installed & up-to-date 3-node Proxmox VE 5.3 cluster. Everything was fine until I tried to deploy custom SSL certificates for the web UI. The process detailed in the documentation implies to add new files (pveproxy-ssl.pem & pveproxy-ssl.key) to the...
  16. ldap/ssl failure: server name mismatch

    i cannot connect my PMG to an LDAPS (ldap/ssl) server. the LDAPS server uses a valid certificate (signed by letsencrypt), and I can use it just fine with e.g. ldapsearch -x -H ldaps://ldap.example.com`. however with PMG, the connection is terminated, because of certificate errors. The root...
  17. Connection error 596: tls_process_server_certificate: certificate verify failed

    After a long battle (described in this post https://forum.proxmox.com/threads/adding-2nd-node-fails.44663/), I have two nodes that both are specified in the coroxync.conf files on each node (correctly), but a certificate error seems to be blocking the two from communicating. If I log into...
  18. SSL Configutaion issue

    Hi I followed the link to configure SSL after that Web GUI is not coming showing ERR_CONNECTION_CLOSED Can you guys help me where to check error logs. -Chiru
  19. Continuing issues with pveproxy and pve-ssl.key

    Hello, all. I have two proxmox nodes (4.2-2 and 4.1-15) running on Debian 8 where access to the node's web site constantly stops working. Only after I restart pveproxy can I access the site again. Along with this behavior is constant errors in syslog: Oct 19 13:15:13 proxmox5 pveproxy[18965]...
  20. VM failed to start after changing SSL

    Hello, I changed the SSL certificate Proxmox and start the VMs get this error: Failed to start VNC server: Our own certificate failed validation /etc/pve/local/pve-ssl.pem /etc/pve/pve-root-ca.pem Against : The certificate has not got a Known issuer I use a certificate startssl I worked...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!