Problem mit https

iTweek

Member
Jan 2, 2017
128
3
23
Guten abend. Evt kann mir einer da weiter helfen.
Kurz zu mein problem
Ich habe nun ein server die ssl geändert. Dieser Server läuft keine vm drauf sondern ist nur als webinterface gedacht und ist in ein cluster eingebunden.

Ich komme auch per Https auf diese webseite drauf ohne probleme kann auch vnc starten usw.

Allerdings wenn ich nun ein server starten will kommt folgende meldung:

kvm: -vnc unix:/var/run/qemu-server/110.vnc,x509,password: Failed to start VNC server: Unable to import server certificate /etc/pve/local/pve-ssl.pem: Base64 unexpected header error.
start failed: command '/usr/bin/kvm -id 110 -chardev 'socket,id=qmp,path=/var/run/qemu-server/110.qmp,server,nowait' -mon 'chardev=qmp,mode=control' -pidfile /var/run/qemu-server/110.pid -daemonize -smbios 'type=1,uuid=39b5fe1d-e637-47e5-8518-46af167b325f' -name 176.9.7.76-Linux -smp '4,sockets=1,cores=4,maxcpus=4' -nodefaults -boot 'menu=on,strict=on,reboot-timeout=1000,splash=/usr/share/qemu-server/bootsplash.jpg' -vga std -vnc unix:/var/run/qemu-server/110.vnc,x509,password -cpu host,+kvm_pv_unhalt,+kvm_pv_eoi -m 10240 -device 'pci-bridge,id=pci.1,chassis_nr=1,bus=pci.0,addr=0x1e' -device 'pci-bridge,id=pci.2,chassis_nr=2,bus=pci.0,addr=0x1f' -device 'piix3-usb-uhci,id=uhci,bus=pci.0,addr=0x1.0x2' -device 'usb-tablet,id=tablet,bus=uhci.0,port=1' -device 'virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x3' -iscsi 'initiator-name=iqn.1993-08.org.debian:01:e2e4dd83b2b' -drive 'file=/mnt/pve/HDD-3TB-1/template/iso/debian-8.10.0-amd64-netinst.iso,if=none,id=drive-ide2,media=cdrom,aio=threads' -device 'ide-cd,bus=ide.1,unit=0,drive=drive-ide2,id=ide2,bootindex=200' -device 'virtio-scsi-pci,id=scsihw0,bus=pci.0,addr=0x5' -drive 'file=/var/lib/vz/images/110/vm-110-disk-1.qcow2,if=none,id=drive-scsi0,format=qcow2,cache=none,aio=native,detect-zeroes=on' -device 'scsi-hd,bus=scsihw0.0,channel=0,scsi-id=0,lun=0,drive=drive-scsi0,id=scsi0,bootindex=100' -netdev 'type=tap,id=net0,ifname=tap110i0,script=/var/lib/qemu-server/pve-bridge,downscript=/var/lib/qemu-server/pve-bridgedown,vhost=on' -device 'virtio-net-pci,mac=00:50:56:00:05:65,netdev=net0,bus=pci.0,addr=0x12,id=net0,bootindex=300'' failed: exit code 1



Die ssl ist von let's encrypt.
Was nache ich da falsch? Laut wiki soll
pvecm updatecerts -f helfen da kommt allerdings die meldung:


pvecm updatecerts -f
Signature ok
subject=OU = PVE Cluster Node, O = Proxmox Virtual Environment, CN = CORE1.your-server.de
Getting CA Private Key
CA certificate and CA private key do not match
140016719141696:error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters:../crypto/evp/p_lib.c:91:
140016719141696:error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch:../crypto/x509/x509_cmp.c:295:
unable to generate pve ssl certificate:
command 'faketime yesterday openssl x509 -req -in /tmp/pvecertreq-32063.tmp -days 3650 -out /etc/pve/nodes/CORE1/pve-ssl.pem -CAkey /etc/pve/priv/pve-root-ca.key -CA /etc/pve/pve-root-ca.pem -CAserial /etc/pve/priv/pve-root-ca.srl -extfile /tmp/pvesslconf-32063.tmp' failed: exit code 1


kann mir da wer hilfe stellung geben?
 

iTweek

Member
Jan 2, 2017
128
3
23
Habe nun das system neu gestartet und nun komme ich garnicht mehr auf die 8006 webseite. Irgend was ist da schief gegangen?
 

adiel.abader

New Member
Jul 13, 2020
2
0
1
39
[QUOTE = "iTweek, post: 196714, member: 42190"]
it's been dealt with. Have now made all ssl things new.
[/ QUOTE]
Hi could you send steps on how you solved this issue. I'm new to proxmox ( and just inherited this proxmox server), and I also getting the same error("Failed to start VNC server: Unable to import server certificate /etc/pve/local/pve-ssl.pem: Base64 unexpected header error.") and I just wanted to compare how you managed to solve this issue.... Tia,
 

Attachments

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!