Good morning,
on my Proxmox 5.2 cluster, following the guide at https://pve.proxmox.com/wiki/HTTPS_Certificate_Configuration_(Version_4.x_and_newer) I replaced the certificates for the Web GUI with my own CA's certificates.
But I'm actually unable to start the VMs.
The error I get is:
I've seen other topics about this issue but I don't seem to find the correct solution.
Now the guide says to use the fullchain.pem without the root CA.
I don't have any sub CA so the fullchain.pem in this case should only be composed by the certificate itself, correct?
Or do I need to also to remove or replace the /etc/pve/pve-root-ca.pem with my own root CA?
Thank you very much in advance!
Best regards
on my Proxmox 5.2 cluster, following the guide at https://pve.proxmox.com/wiki/HTTPS_Certificate_Configuration_(Version_4.x_and_newer) I replaced the certificates for the Web GUI with my own CA's certificates.
But I'm actually unable to start the VMs.
The error I get is:
Code:
kvm: -vnc unix:/var/run/qemu-server/115.vnc,x509,password: Failed to start VNC server: Our own certificate /etc/pve/local/pve-ssl.pem failed validation against /etc/pve/pve-root-ca.pem: The certificate hasn't got a known issuerI've seen other topics about this issue but I don't seem to find the correct solution.
Now the guide says to use the fullchain.pem without the root CA.
I don't have any sub CA so the fullchain.pem in this case should only be composed by the certificate itself, correct?
Or do I need to also to remove or replace the /etc/pve/pve-root-ca.pem with my own root CA?
Thank you very much in advance!
Best regards