CERT error changing node ip address

yena

Renowned Member
Nov 18, 2011
373
4
83
Hello,
changing one node ip address, now i have this error on the chanded node:
Error Connection error 596: tls_process_server_certificate: certificate verify failed

I have tried pvecm updatecerts --force on this node, no errors but the certificate still fail..

Is it possible to solve in some way without remove end re-add the node ?

Thanks
 
How did you go about changing the IP address? Is the cluster in general still healthy ('pvecm status')?
 
How did you go about changing the IP address?

You still need to answer above, and what else did you do (reboot, ...?). Those details matter when trying to help.

Do you connect to the webinterface of this node, or to another? Respectively, try to connect over another nodes webinterface.

What could be one issue is outdated pinned certs (if you did update certs --force), try to restart pveproxy and pvedaemon (just to be sure):
systemctl restart pveproxy pvedaemon
 
You still need to answer above, and what else did you do (reboot, ...?). Those details matter when trying to help.

Do you connect to the webinterface of this node, or to another? Respectively, try to connect over another nodes webinterface.

What could be one issue is outdated pinned certs (if you did update certs --force), try to restart pveproxy and pvedaemon (just to be sure):
systemctl restart pveproxy pvedaemon

I havn't rebooted ( now i can't .. ) I have this problem only if i try to connect to it from a different node, if i connect direct to it, i can see all other nodes without error.
I have done the update certs --force
I have rebooted pveproxyand pvedaemon.

Thanks!
 
I havn't rebooted ( now i can't .. ) I have this problem only if i try to connect to it from a different node, if i connect direct to it, i can see all other nodes without error.

OK, good to know. Still not telling how you changed the ip... ;)

If you connect to direct to the "problematic" node, does it then also work to select another node?

I have rebooted pveproxyand pvedaemon.

on which node? Try the others also.
 
OK, good to know. Still not telling how you changed the ip... ;)
Sorry y are right, i have changed /etc/hosts , corosync.conf

If you connect to direct to the "problematic" node, does it then also work to select another node?

YES!



on which node? Try the others also.
On all other 8 nodes i have the same issue.
Thanks!
 
Same problem here.

1. Saved new ip in /etc/hosts
2. Changed to new ip in /etc/network/interfaces and service networking restart
3. changed to new ip in /etc/ssh/ssh_known_hosts
4. pvecm updatecerts --force
5. service pve-cluster restart && service pvestatd restart

Nothing helps
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!