Renew SSL certificate after ip change of the GUI

C

chris_lee

Active Member
Dec 18, 2012
38
2
28
Dear colleagues,

I ran into a problem after I changed the IP of the GUI interface. The Web UI was still reachable, but when opening the VNC console, I got an a "failed to connect to server" error.
I moved the files:
  • /etc/pve/pve-root-ca.pem
  • /etc/pve/priv/pve-root-ca.key
somewhere else and did

pvecm updatecerts -f

Nevertheless safari did not open the noVNC console. Firefox allows it with some errors. When I display the certificate, that is served, I see still the old IP, which causes the certificate mismatch.

Is there an easy way of renewing the certificate. Any suggestions?

Thanks
Chris
 
did you also change the ip in /etc/hosts before you updated your certs ? (we resolve the hostname for checking its ip)
 
  • Like
Reactions: XGKCode and beatwin
Hello
I'm on Pve 7.1-7 currently, I encountered the same problem.
The pvecm updatecerts --force command does not seem to generate the pve-root.ca.pem file in this specific case.

You just have to delete it manually, then once the command has been launched, it is generated.
 
Hi, did any manage to do this and how to renew certificates after IP change ?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back