Missing SSL certificate for Proxmox backup server

sukerman

Aug 29, 2019
Hi All,

I'm no expert, this isn't official advice, but if, like me, you have installed backup and PVE on the same box and are annoyed it's not sharing the same SSL as the PVE install, read on...

By default Proxmox Backup Server doesn't use the same cert as your PVE when installed on the same box and so the cert is 'self signed' and you'll get a nag.

If you have a backup server installed on the same host as PVE, and you have a working certificate for PVE, and I know that it's not ideal to have both on the same host, but many people will be doing it, especially as I've found out that if your backup server is not in the same datacentre and has a bit of latency (like more than 2ms), it can be quicker to back up locally and then remote sync to your other server. Check out the proxmox-backup-manager benchmark to see if you are getting slow transfers to remote servers.

You can copy the PVE SSL certs to the ones used by the backup server:

Code:
root@trinity:~# cd /etc/proxmox-backup/
root@trinity:/etc/proxmox-backup# ls

authkey.key  authkey.pub  csrf.key  datastore.cfg  proxy.key  proxy.pem  remote.cfg  sync.cfg

root@trinity:/etc/proxmox-backup# cp /etc/pve/local/pveproxy-ssl.pem proxy.pem
root@trinity:/etc/proxmox-backup# cp /etc/pve/local/pveproxy-ssl.key proxy.key

root@trinity:/etc/proxmox-backup# systemctl restart proxmox-backup-proxy

Hope that helps someone.

NOTE:

Sometimes this seems to change the fingerprint of your backup server. If so you'll need to update the key in any mounted filesystems in 'storage' in PVE, or other backup servers that connect to it as a remote.
 
Tested with Backup Server stable 1.0 and this solution works perfectly! Initially, the proxmox-backup-proxy service failed to start after copying the files. Updating the two replaced files with "chgrp backup" resolved it.
 
Sometimes this seems to change the fingerprint of your backup server. If so you'll need to update the key in any mounted filesystems in 'storage' in PVE, or other backup servers that connect to it as a remote.
This is intended and to be expected. The fingerprint is the fingerprint of the certificate used (either self-signed or the one you copied over). You only need to specify the fingerprint in backup clients if the certificate is self-signed; that's the only way to make sure this certificate is "valid". If the certificate is not self-signed, you don't need to specify the fingerprint as it can make sure the chain of trust is intact.
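The steps from this thread gathered into one script, as an added example that was not posted by any participant: it checks that the key belongs to the certificate before replacing anything, installs both files with the `backup` group mentioned above, and reports the certificate fingerprint that clients pinned to the old certificate would need. The function names are hypothetical and the 640 file mode is an assumption.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# SHA-256 fingerprint of a PEM certificate, lower-cased and colon-separated.
cert_fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2 | tr 'A-F' 'a-f'
}

# Succeeds only if the private key ($2) belongs to the certificate ($1):
# both must yield the same public key.
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout) || return 2
    [ "$cert_pub" = "$key_pub" ]
}

# install_pair SRC_CERT SRC_KEY DEST_DIR GROUP
# Copies the pair to DEST_DIR/proxy.pem and DEST_DIR/proxy.key, readable by
# GROUP (the "chgrp backup" fix from the thread). Mode 640 is an assumption.
install_pair() {
    if ! key_matches_cert "$1" "$2"; then
        echo "refusing to install: key does not match certificate" >&2
        return 1
    fi
    install -m 640 -g "$4" "$1" "$3/proxy.pem" &&
        install -m 640 -g "$4" "$2" "$3/proxy.key"
}

# Run as root with the single argument "apply" to perform the copy from the
# thread; sourcing the file or running it without arguments changes nothing.
if [ "${1:-}" = "apply" ]; then
    dest=/etc/proxmox-backup
    echo "old fingerprint: $(cert_fingerprint "$dest/proxy.pem")"
    install_pair /etc/pve/local/pveproxy-ssl.pem \
                 /etc/pve/local/pveproxy-ssl.key "$dest" backup || exit 1
    systemctl restart proxmox-backup-proxy
    echo "new fingerprint: $(cert_fingerprint "$dest/proxy.pem")"
fi
```

If the two printed fingerprints differ, any PVE storage entry or remote that pinned the old one needs the new value, as noted in the thread.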
 
