FIXED: Broken GUI after certificates changes

[Martin Maisey]

Hi,

I've just tried to install certificates on my Proxmox server, without success. I then followed the "Revert to previous configuration" instructions at https://pve.proxmox.com/wiki/HTTPS_Certificate_Configuration_(Version_4.x_and_newer) and still have connection problems.

in Chrome I get "<myhostname> unexpectedly closed the connection.".

If I execute "openssl s_client -connect <myhostname>:8006 -state -nbio 2>&1" I get (my emphasis):

====
CONNECTED(00000003)
Turned on non blocking io
SSL_connect:before SSL initialization
SSL_connect:SSLv3/TLS write client hello
SSL_connect:error in SSLv3/TLS write client hello
write R BLOCK
SSL_connect:error in SSLv3/TLS write client hello
read:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 176 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1499955319
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
====

There aren't any errors logged starting pveproxy:

====
root@<myhostname>:~# journalctl -b -u pveproxy.service
-- Logs begin at Thu 2017-07-13 15:00:00 BST, end at Thu 2017-07-13 15:21:27 BST. --
Jul 13 15:00:16 <myhostname> systemd[1]: Starting PVE API Proxy Server...
Jul 13 15:00:17 <myhostname> pveproxy[5200]: Using '/etc/pve/local/pveproxy-ssl.pem' as certificate for the web interface.
Jul 13 15:00:17 <myhostname> pveproxy[5207]: starting server
Jul 13 15:00:17 <myhostname> pveproxy[5207]: starting 3 worker(s)
Jul 13 15:00:17 <myhostname> pveproxy[5207]: worker 5208 started
Jul 13 15:00:17 <myhostname> pveproxy[5207]: worker 5209 started
Jul 13 15:00:17 <myhostname> pveproxy[5207]: worker 5210 started
Jul 13 15:00:17 <myhostname> systemd[1]: Started PVE API Proxy Server.
====

I've tried full server reboots as some other threads suggested that might help, but it doesn't in this case.

Could anyone help me get the WebGUI back?

 

[Martin Maisey]

Just managed to fix it myself, missed that the instructions did not delete the files I'd copied over. Removing /etc/pve/local/pveproxy-ssl.pem and /etc/pve/local/pveproxy-ssl.key and doing "systemctl restart pveproxy" fixed things.

 

[whattheserver]

Just managed to fix it myself, missed that the instructions did not delete the files I'd copied over. Removing /etc/pve/local/pveproxy-ssl.pem and /etc/pve/local/pveproxy-ssl.key and doing "systemctl restart pveproxy" fixed things.

thanks so much for this tip couldn't figure out for the life of me why it wasn't working when everything indicated it should be working

 

[Jordy8267]

Just managed to fix it myself, missed that the instructions did not delete the files I'd copied over. Removing /etc/pve/local/pveproxy-ssl.pem and /etc/pve/local/pveproxy-ssl.key and doing "systemctl restart pveproxy" fixed things.

Thanks this helped me!

 

[avnanrahman]

Thanks you

Just managed to fix it myself, missed that the instructions did not delete the files I'd copied over. Removing /etc/pve/local/pveproxy-ssl.pem and /etc/pve/local/pveproxy-ssl.key and doing "systemctl restart pveproxy" fixed things.

thanks you, you save my life.

 

[SamirO]

Just managed to fix it myself, missed that the instructions did not delete the files I'd copied over. Removing /etc/pve/local/pveproxy-ssl.pem and /etc/pve/local/pveproxy-ssl.key and doing "systemctl restart pveproxy" fixed things.

thanks you

 

[mibant]

Just managed to fix it myself, missed that the instructions did not delete the files I'd copied over. Removing /etc/pve/local/pveproxy-ssl.pem and /etc/pve/local/pveproxy-ssl.key and doing "systemctl restart pveproxy" fixed things.

Thank you, still working