API ends everytime with ssl3_get_server_certificate

[Virtualizer]

The api (PHP) open the connection to the host and I see they get back time infos and something. The the api send a create statement and then I get every back the certificate error. I see in the host, that the remote host could not verify the certificate:

HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: Keep-Alive
Date: Tue, 14 Mar 2017 12:27:31 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Content-Length: 211
Content-Type: application/json;charset=UTF-8
Expires: Tue, 14 Mar 2017 12:27:31 GMT

{"data":[{"disk":41317282656,"maxcpu":8,"uptime":13945338,"mem":324241365376,"type":"node","maxdisk":3007362629120,"cpu":0.2032402253382954,"node":"HOSTNAME","id":"node/HOST-host","level":"c","maxmem":6745371222912}]}
Array
(
[ostemplate] => local:vztmpl/debian-8.0-standard_8.6-1_amd64.tar.gz
[vmid] => 4940
[hostname] => CT4940.HOST
[storage] => sata
[onboot] => 1
[description] => backup:0
[cpulimit] => 1
[rootfs] => 54
[memory] => 3328
[swap] => 1280
[password] => b***sOh****y1H
[net0] => name=eth0,bridge=vmbr2,firewall=1,gw=257.32.257.222,ip=213.257.112.257/27,rate=13
)
1
HTTP/1.1 596 ssl3_get_server_certificate: certificate verify failed
Cache-Control: max-age=0
Connection: close
Date: Tue, 14 Mar 2017 12:27:31 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Expires: Tue, 14 Mar 2017 12:27:31 GMT

In the Host the line:

Mar 14 13:22:21 PM10-host pveproxy[5534]: Could not verify remote node certificate '61:82:**:**:**:3A:29:65:**:**:**:B6:B9:64
Mar 14 13:27:31 PM10-host pveproxy[5536]: Could not verify remote node certificate '61:82:**:**:**:3A:29:65:**:**:**:B6:B9:64

 

[Virtualizer]

About API and Stats I can get now all the datas! So I thing so, that the error about the verify certicate comes only why the rights are not set correct!
It´s absolute unclear, what for rights to use to create via API a container! We had month before the same, but this settings we havent save! About know begin again to search the problems with the rights and the documentation is here not good enough!

 

[Virtualizer]

Now 3 hours later, we have test much more, we know now, that the error message of the API has nothing to doe with a certificate problem! We search longer to find a resolution! We have test this:

Array
(
[ostemplate] => local:vztmpl/alpine-3.4-default_20161206_amd64.tar.xz
[vmid] => 4940
[hostname] => CT4940.HOST
1
HTTP/1.1 400 Parameter verification failed.
About this, the host get complete our request, but something is wrong realy, but with an absolute wrong error message, as we write in the 1st message! In this message we get a good error message - absolute fine!

..... and a little bit later with 4 parameters the container was created - a little bit more happy - we must find, with the other parameters, why the host will not doe!

Array
(
[ostemplate] => local:vztmpl/alpine-3.4-default_20161206_amd64.tar.xz
[vmid] => 4940
[hostname] => CT4940.HOST
[storage] => sata
[onboot] => 1
)
1

 

[Virtualizer]

Now it works fine. The problem was a following space at the end of the network interface card, exactly by "....,rate=13 ". With 2 wrong interface cards we get a error "Parameter verification failed.", can been that the problem only comes with when more as 2 parameters has a problem OR when it comes with one of the template, by us the 1st was for debian and then we have tested with a smaller template alpine.

 

[fabian]

just for future reference: if you want to report problems with the API, please include a complete actual request that does not work as expected, not partial output of some third-party API client/bindings. otherwise it is not possible for us to tell whether there is a bug on our side, in the bindings you are using or in the way you are using them - and you won't get the help you want.

 

[Virtualizer]

I have again problems with the API. I use the PHP Class "Proxmox VE APIv2 (PVE2) Client - PHP Class"! First many times I get an error with certificate, when I communicate fresh to an host! Then after horas all requests works fine, but now, I have one, only when I send with PUT, I get every time an error! The Thing is, the requests are sending all with the same login-ticket in the same job! After the PUT-sending and where the certificate error comes, the next API request with POST runs again perfect! So why the PUT makes now only problems and I can use in the PUT other parameters and this is the same!

.... until here many other request for the creation and on, are sendet equal too with response 200 OK and then:

Request: POST nodes/pm12-host/lxc/1202/firewall/rules
Array
(
[action] => kdtrial
[enable] => 1
[type] => group
)
1
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Connection: Keep-Alive
Date: Fri, 17 Mar 2017 17:37:04 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Content-Length: 13
Content-Type: application/json;charset=UTF-8
Expires: Fri, 17 Mar 2017 17:37:04 GMT

{"data":null}
Request: PUT nodes/pm12-host/lxc/1202/firewall/options
Array
(
[policy_in] => ACCEPT
[policy_out] => ACCEPT
)
1
HTTP/1.1 596 ssl3_get_server_certificate: certificate verify failed
Cache-Control: max-age=0
Connection: close
Date: Fri, 17 Mar 2017 17:37:04 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Expires: Fri, 17 Mar 2017 17:37:04 GMT


Request: POST nodes/pm12-host/lxc/1202/firewall/ipset
Array
(
[name] => ipfilter-eth0
)
1
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Connection: Keep-Alive
Date: Fri, 17 Mar 2017 17:37:04 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Content-Length: 13
Content-Type: application/json;charset=UTF-8
Expires: Fri, 17 Mar 2017 17:37:04 GMT

{"data":null}
Request: POST nodes/pm12-host/lxc/1202/firewall/ipset/ipfilter-eth0
Array
(
[cidr] => 176.31.12.46/32
)
1
HTTP/1.1 200 OK
Cache-Control: max-age=0
Connection: close
Connection: Keep-Alive
Date: Fri, 17 Mar 2017 17:37:04 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Content-Length: 13
Content-Type: application/json;charset=UTF-8
Expires: Fri, 17 Mar 2017 17:37:04 GMT

{"data":null}