download.proxmox.com certificate issue

bordulets

Member
Dec 13, 2021
3
2
8
29
hello, can you explain, why PVE 7.1-4 can't apt into http repos? if i set https repos like:
deb https://download.proxmox.com/debian/pve bullseye pve-no-subscription
it requires authorization, which i can't provide.
from another side, if i set http repo, apt gives me this answer:

Err:1 https://download.proxmox.com/debian/pve bullseye InRelease Certificate verification failed: The certificate is NOT trusted. The name in the certificate does not match the expected. Could not handshake: Error in the certificate verification. [IP: 212.224.123.70 443] Hit:2 https://ftp.debian.org/debian bullseye InRelease Hit:4 https://security.debian.org bullseye-security InRelease Hit:3 https://ftp.debian.org/debian bullseye-updates InRelease Reading package lists... Done Building dependency tree... Done Reading state information... Done All packages are up to date. W: Failed to fetch http://download.proxmox.com/debian/pve/dists/bullseye/InRelease Certificate verification failed: The certificate is NOT trusted. The name in the certificate does not match the expected. Could not handshake: Error in the certificate verification. [IP: 212.224.123.70 443] W: Some index files failed to download. They have been ignored, or old ones used instead.

here is contents of apt.conf.d: https://pastebin.com/GMV8ZwQ5

please help. many thanx
 

Attachments

  • photo_2021-12-14_17-32-33.jpg
    photo_2021-12-14_17-32-33.jpg
    33.2 KB · Views: 11
Last edited:
I'm sorry, but i'm configured pve exactly as in your documentation. What i have in repos:
Code:
deb http://ftp.debian.org/debian bullseye main contrib
deb http://ftp.debian.org/debian bullseye-updates main contrib

# PVE pve-no-subscription repository provided by proxmox.com,
# NOT recommended for production use
deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription

# security updates
deb http://security.debian.org/debian-security bullseye-security main contrib

And there is an output:
Code:
Err:4 https://download.proxmox.com/debian/pve bullseye InRelease
  Certificate verification failed: The certificate is NOT trusted. The name in the certificate does not match the expected.  Could not handshake: Error in the certificate verification. [IP: 212.224.123.70 443]
Hit:1 https://ftp.debian.org/debian bullseye InRelease
Hit:3 https://security.debian.org/debian-security bullseye-security InRelease
Hit:2 https://ftp.debian.org/debian bullseye-updates InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.
W: Failed to fetch http://download.proxmox.com/debian/pve/dists/bullseye/InRelease  Certificate verification failed: The certificate is NOT trusted. The name in the certificate does not match the expected.  Could not handshake: Error in the certificate verification. [IP: 212.224.123.70 443]
W: Some index files failed to download. They have been ignored, or old ones used instead.
How i can forcefully setup apt to get files only via http? Not just in a sources.list and sources.list.d
 
Last edited by a moderator:
And there is an output:
Err:4 https://download.proxmox.com/debian/pve bullseye InRelease
You may have the https version configured in another .list file, check:
Bash:
grep 'https://download' /etc/apt/sources.list /etc/apt/sources.list.d/*.list
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!