ssl cert

  1. A

    [SOLVED] SSL: unable to verify the first certificate

    While trying to setup a Checkmk special agent i found that i cannot open a ssl connection to my proxmox hosts via openssl. This always throws an Error : 'unable to get local issuer certificate' and 'unable to verify the first certificate'. Please correct me if i am wrong, but from what i read...
  2. N

    [SOLVED] Unable to access web interface after updating certificate

    Hi, I am quite new to proxmox. I tried updating the certificate through the UI and now the web UI is not loading. All services and VMs are up and running and I can access the server using SSH. Can someone please guide me to recover my setup? I have attached output for following commands...
  3. T

    Hertzner Nginx Proxy Manager

    Hello everyone! I am new to proxmox having a problem with nginx proxy manager, I have a VM for DHCP as well as a VM with docker on it. My proxy manager sits on my Docker VM which I started with portainer, everything works as long as I use the IP. I'm trying to fix so I can get my domain names...
  4. T

    454 4.7.0 TLS not available due to local problem

    Transcript of session follows. Out: 220 mail.dmz.se dmz.se In: EHLO mta-70-5-198.update.strava.com.sparkpostmail.com Out: 250-mail.dmz.se Out: 250-PIPELINING Out: 250-SIZE 10485760 Out: 250-VRFY Out: 250-ETRN Out: 250-STARTTLS Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250-SMTPUTF8...
  5. C

    Added SSL certs, now cannot access web GUI

    I'm running a cluster of four Proxmox community servers, Proxmox 7.3-3 on Debian 11, in a cluster. I was getting tired of the SSL warnings from the self-signed certificate so created a CSR on each and signed them on my local CA server, I'm aware of ACME but did not want to use an external...
  6. K

    ssl acme?

    Hi how to automate the use of certificates that are issued by your local certification authority? deployed my center, I receive a certificate from it through certbot and it is located /etc/letsencrypt/live/%FQDN I wanted to put files from /etc/letsencrypt/live/%FQDN into /etc/pve/local through...
  7. T

    Unable to access GUI after uploading my certificates

    I uploaded an fullchain cert from Let's Encrypt... I was asked to reload the GUI... then I cant access the gui again... the server works, mails flows but I cant access the GUI... any idea how to resolve this issue?
  8. A

    SSL Connection error, please offer suggestions

    So, I was testing out some certificate stuff and might have accidentally borked my Proxmox. Usually, I would just reinstall it but this time it's different. I'm getting the following errors with curl: curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL and wget: GnuTLS: The TLS connection was...
  9. M

    ACME client wrongly treats IP address as DNS name in CSR generation

    I'm using PVE's ACME client to get a certiifcate from my ACME server. I added two names: "domain.com" and "172.16.0.1" in the control panel. The certificate I finally got has its Subject Alternative Name = "DNS:domain.com,DNS:172.16.0.1". It's invalid. It should be...
  10. A

    Self sign certs got ERR_SSL_KEY_USAGE_INCOMPATIBLE

    Hello, And: I'm using lastest PVE cluster. Then, I create my own Root-CA, Middle-CA, Server Cert. After upload, Chrome show "ERR_SSL_KEY_USAGE_INCOMPATIBLE" and "thisisunsafe" not working. But with nginx, Chrome can accept the cert. So as far as I know, Chrome is very picky with ssl cipher...
  11. G

    Browser Certificate - Apology for Asking

    Hello, I am embarrassed asking this... but having tried for a long time and having read loads of sites and posts I am no closer. I have the usual browser is not secure when accessing my Proxmox server... My setup... I use Kubuntu 22.04 as my PC with Brave Browser. I've read this page...
  12. W

    [SOLVED] Weboberfläche nach Update nicht erreichbar

    Moin, unser Proxmox server ist nach Update per Weboberfläche nicht mehr erreichbar. Per ssh bringt systemctl status pve* folgenden Output: Unit pve-root-ca.pem.service could not be found. Unit pve-ssl.key.service could not be found. Unit pve-ssl.pem.service could not be found. Zertifikate...
  13. S

    [SOLVED] when running systemctl status pve-daily-update shows inactive (DEAD) ?

    Hello, wondering if this is normal activity for pve-daily-update I am using PVE latest proxmox-ve: 7.2-1 (running kernel: 5.15.35-1-pve) pve-manager: 7.2-3 (running version: 7.2-3/c743d6c1) pve-kernel-5.15: 7.2-3 pve-kernel-helper: 7.2-3 pve-kernel-5.13: 7.1-9 pve-kernel-5.4: 6.4-11...
  14. R

    [SOLVED] Cannot Remove Non-Existent ACME Server

    Hey All, I love the new ACME certificate feature available in PVE 6/7. I created an internal ACME server, and tested it using one of our PVE7 servers. After some infrastructure changes occurred, the ACME server was moved to a new hostname, for example, `acme.example-a.com` ->...
  15. K

    Feature requests for PBS

    Loving PBS but it would great to see the following added as standard so that it's more inline with PVE. I wondered if the below was on the roadmap for the future and if anyone else might find these useful: Firewall management (like PVE) Whilst I know I can use IPTABLES for the firewall element...
  16. R

    Ansible 'Operation not permitted' copying ssl keys directly

    I've got as far as working out that /etc/pve is a fuse mount and that I should use the gui to replace the certs (although it would be nice to automate this) So, more for my leaning, is there a better way to copy these into place through ansible that I'm missing please? Or what am I missing here...
  17. C

    How to setup ssl for pbs?

    I get a ssl certificate error on login to a newly installed pbs backup server. Added a new DDNS name on dynu.net added this to pve acme setup and can order both certificates for pve (which works fine via https) and new for pbs. I don’t know how to setup it on actual pbs server. Any clues are...
  18. C

    Obtain LetsEncrypt TXT Record from pvenode?

    Is there a way through SSH to obtain the TXT record from LetsEncrypt such that I could initially configure LE SSL certs within a node and then simply make a renewal request through the GUI? Thus, the auto renewal of SSL certs would work going forward? I ask as I've yet to find a workaround...
  19. S

    Kein Zugriff auf die WebGUI nach Import eines SSL-Zertifikates erstellt durch OpenSSL

    Hallo, ich glaube ich habe irgendeinen Fehler beim Import eines Selbst erstellten SSL-Zertifikats gemacht.. Ich betreibe einen Cluster aus drei Nodes und auf dem ersten Node habe ich das Zertifikat, was ich über OpenSSL erstellt habe, hochgeladen. Nachdem es Hochgeladen wurde, kann ich die...
  20. D

    Certificate verification failed on vms

    Hi everyone, I've just installed proxmox ve 5.4-13 on vps with two vms behind. One regular and a Firewall. both vm have netwotrk connectivity (ping test ok). But .. when I'm trying to make an update (gui and cli for Firewall) I always have an ssl error saying "certificate verification failed"...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!