SSL Error

P

Pampa Party

Member
Apr 26, 2023
53
3
8
Hi,

i messed up my Proxmox with own createt SSL and can´t acces the gui anymore. I changed:

Code: 
/etc/pve/local/pve-ssl.key
/etc/pve/local/pve-ssl.pem

instead of

Code: 
/etc/pve/nodes/NODENAME/pve-ssl.pem
/etc/pve/nodes/NODENAME/pve-ssl.key

like advised here https://pve.proxmox.com/pve-docs/pve-admin-guide.html#sysadmin_certificate_management.

So i try to get acces to my gui again and don´t know how. I´m afraid of messings things up even more so i need some help.

Is there a solution the reset ssl or get back to http? Like doing this?:

Code: 
rm /etc/pve/local/pve-ssl.pem
rm /etc/pve/local/pve-ssl.key

Code: 
pvecm updatecerts --force

i don´t tried this so far cause i´m not sure about the sesult.


Some time ago, i set a cluster for this node but didnt use it because is had vm´s on in and implemantation didn´t work because of this if i remeber right. Also can´t remove the cluster so i said to myself, my future me can deal with it. So here we are, cause what i have read this could be a problem for ssl as well. So any help is welcome.

Best regards
Pampa
 
What is the content of /etc/pve/local ?

Code: 
la -l /etc/pve/local/
 
fireon said:
What is the content of /etc/pve/local ?

Code: 
la -l /etc/pve/local/
Click to expand...
content is:

-rw-r----- 1 root www-data 83 Jan 3 16:00 lrm_status
drwxr-xr-x 2 root www-data 0 Mar 11 2024 lxc
drwxr-xr-x 2 root www-data 0 Mar 11 2024 openvz
drwx------ 2 root www-data 0 Mar 11 2024 priv
-rw-r----- 1 root www-data 1704 Jan 3 12:24 pveproxy-ssl.key
-rw-r----- 1 root www-data 2851 Jan 3 13:24 pveproxy-ssl.pem
-rw-r----- 1 root www-data 1704 Jan 3 13:19 pve-ssl.key
-rw-r----- 1 root www-data 2851 Jan 3 12:59 pve-ssl.pem
drwxr-xr-x 2 root www-data 0 Mar 11 2024 qemu-server
-rw-r----- 1 root www-data 560 Jan 3 13:25 ssh_known_hosts

in the meantime i found this https://forum.proxmox.com/threads/restore-self-signed-ssl-and-ca-for-node.96800/

can i just do:

Code: 
rm /etc/pve/nodes/<NODENAME>/pve-ssl.pem
rm /etc/pve/nodes/<NODENAME>/pve-ssl.key

rm /etc/pve/pve-root-ca.pem
rm /etc/pve/priv/pve-root-ca.key

rm /etc/pve/local/pve-ssl.pem
rm /etc/pve/local/pve-ssl.key

and then

Code: 
pvecm updatecerts --force

and then

Code: 
systemctl restart pveproxy
systemctl restart pvedaemon

?
 
Del pveproxy-ssl.key and pveproxy-ssl.pem, after restart the pveproxy service:

Code: 
systemctl restart pveproxy

After that, the buildin cert is valid again and you can log in the WebUI normally.
 
fireon said:
Del pveproxy-ssl.key and pveproxy-ssl.pem, after restart the pveproxy service:

Code: 
systemctl restart pveproxy

After that, the buildin cert is valid again and you can log in the WebUI normally.
Click to expand...
Thx, but which directory? /etc/pve/nodes/&lt;NODENAME&gt;/ ..? or /etc/pve/local/...? or both?
 
You must log in or register to reply here.
Top Bottom