PVEproxy no load

A

AnonymousWH

New Member
Jul 15, 2021
5
0
1
29
I generate my certificates for each CT and server with let encrypt
then via web inside the proxmox, try to add my key.pem and my chain.pem, all ok. The web asked to restart, and it never started again

Code: 
root@promox:/etc/pve/local# netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name  
tcp        0      0 0.0.0.0:8006            0.0.0.0:*               LISTEN      3015/pveproxy      
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/init            
tcp        0      0 127.0.0.1:85            0.0.0.0:*               LISTEN      1680/pvedaemon    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1400/sshd          
tcp        0      0 0.0.0.0:3128            0.0.0.0:*               LISTEN      1698/spiceproxy    
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1615/master        
tcp6       0      0 :::9100                 :::*                    LISTEN      762/prometheus-node
tcp6       0      0 :::111                  :::*                    LISTEN      1/init            
tcp6       0      0 :::22                   :::*                    LISTEN      1400/sshd          
tcp6       0      0 ::1:25                  :::*                    LISTEN      1615/master        
udp        0      0 0.0.0.0:111             0.0.0.0:*                           1/init            
udp6       0      0 :::111                  :::*                                1/init

and/


Code: 
oot@promox:/etc/pve/local# systemctl status pveproxy
● pveproxy.service - PVE API Proxy Server
   Loaded: loaded (/lib/systemd/system/pveproxy.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2021-07-15 02:16:00 CDT; 3s ago
  Process: 2969 ExecStartPre=/usr/bin/pvecm updatecerts --silent (code=exited, status=0/SUCCESS)
  Process: 2980 ExecStart=/usr/bin/pveproxy start (code=exited, status=0/SUCCESS)
 Main PID: 3015 (pveproxy)
    Tasks: 4 (limit: 4915)
   Memory: 131.7M
   CGroup: /system.slice/pveproxy.service
           ├─3015 pveproxy
           ├─3016 pveproxy worker
           ├─3017 pveproxy worker
           └─3018 pveproxy worker

Jul 15 02:15:57 promox systemd[1]: Starting PVE API Proxy Server...
Jul 15 02:16:00 promox pveproxy[2980]: Using '/etc/pve/local/pveproxy-ssl.pem' as certificate for the web interface.
Jul 15 02:16:00 promox pveproxy[3015]: starting server
Jul 15 02:16:00 promox pveproxy[3015]: starting 3 worker(s)
Jul 15 02:16:00 promox pveproxy[3015]: worker 3016 started
Jul 15 02:16:00 promox pveproxy[3015]: worker 3017 started
Jul 15 02:16:00 promox pveproxy[3015]: worker 3018 started
Jul 15 02:16:00 promox systemd[1]: Started PVE API Proxy Server.

I don't even load the web even by ip: 8006
at least, some way that I can put the default certificate and not mine, to see if the web will load me?
 
Last edited:
Fixed

Code: 
root@promox:/etc/pve/local# ls -l
total 3
-rw-r----- 1 root www-data  516 Jun 17 11:13 host.fw
-rw-r----- 1 root www-data   83 Jul 15 03:05 lrm_status
drwxr-xr-x 2 root www-data    0 Feb 14  2019 lxc
drwxr-xr-x 2 root www-data    0 Feb 14  2019 openvz
drwx------ 2 root www-data    0 Feb 14  2019 priv
-rw-r----- 1 root www-data 1708 Jul 15 03:03 pveproxy-ssl.key
-rw-r----- 1 root www-data 3436 Jul 15 03:03 pveproxy-ssl.pem
-rw-r----- 1 root www-data 1708 May  2 17:41 pve-ssl.key
-rw-r----- 1 root www-data 3436 May  2 17:41 pve-ssl.pem
drwxr-xr-x 2 root www-data    0 Feb 14  2019 qemu-server

Code: 
cat pve-ssl.key > pveproxy-ssl.key
Code: 
cat pve-ssl.pem > pveproxy-ssl.pem
Code: 
systemctl restart pveproxy
 
czechsys said:
Your question is covered by documentation. Even on forum. Lazy to search?
Click to expand...
no fixed my problem
I make that cat > x.pem but , let me see the web , but no let me join


Code: 
Connection error 401: permission denied - invalid PVE ticket


I was reading the documentation and where it says [DO NOT EDIT ..ETC] I did
Any way to regenerate the certificates or something?
I tried
Bash: 
pvecm updatecerts --force
but nothing
 

Attachments

  • Captura de pantalla de 2021-07-15 03-45-13.png
    Captura de pantalla de 2021-07-15 03-45-13.png
    58.6 KB · Views: 4
Fixed
During the deletion of the * .pem, which is in the documentation and then regenerate the certificate, it was necessary to specify these
Code: 
authkey.key


Code: 
rm -r /etc/pve/pve-root-ca.pem
rm -r /etc/pve/priv/pve-root-ca.key
rm -r /etc/pve/priv/authkey.key
rm -r /etc/pve/priv/authorized_keys
rm -r /etc/pve/nodes/<node>/pve-ssl.*
rm -r /etc/pve/authkey.pub
pvecm updatecerts -f
systemctl restart pvedaemon pveproxy
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back