Hello,
I just started using Proxmox and I have a very strange situation here.
My setup
I cannot post what could look like a link as I am a new member. Sorry if it is hard to read.
I have 2 nodes behind a router, on which I do some port forwarding, to access them from outside using my own domain name. So node1 would be accessible using domain:161 and node2 using domain:162, in https.
These nodes have my own SSL certificate, and it was working great until I put them in a new cluster.
I have created the cluster on node2 (more powerful hardware) and added node1 in it.
Since then I have the following issues :
Using the default SSL certificate
With Chrome
I cannot access the web interface by using the node_ip:8006. But I can access it if I add the server in my hosts file and use name_I_chose:8006. I cannot access it as well using the external domain:161
It have these errors in /var/log/daemon.log everytime I try to access the web interface :
Feb 24 22:07:05 node1 pveproxy[5777]: problem with client MY_IP; rsa_padding_check_pkcs1_type_1: block type is not 01
Feb 24 22:07:05 node1 pveproxy[5777]: Can't call method "timeout_reset" on an undefined value at /usr/share/perl5/PVE/HTTPServer.pm line 227.
With Edge
Here everything works both internally and externally.
Using my own SSL certificate
Here it is way simplier, nothing works, with any browser and no error message in /var/log/daemon.log. It just says :
Feb 24 21:45:55 node1 systemd[1]: Starting PVE API Proxy Server...
Feb 24 21:45:57 node1 pveproxy[5578]: Using '/etc/pve/local/pveproxy-ssl.pem' as certificate for the web interface.
Feb 24 21:45:57 node1 pveproxy[5588]: starting server
Feb 24 21:45:57 node1 pveproxy[5588]: starting 3 worker(s)
Feb 24 21:45:57 node1 pveproxy[5588]: worker 5589 started
Feb 24 21:45:57 node1 pveproxy[5588]: worker 5590 started
Feb 24 21:45:57 node1 pveproxy[5588]: worker 5591 started
On the browsers I have a nice page saying "we can't reach this page - ERR_CONNECTION_CLOSED".
Conclusion
So it looks like Chrome is not using the right padding scheme. But it was using the right one when the nodes were not in a cluster. And after the cluster was created, Proxmox does not handle other certificates correctly.
Did someone had or solved the same issue ?
Thank you a lot.
I just started using Proxmox and I have a very strange situation here.
My setup
I cannot post what could look like a link as I am a new member. Sorry if it is hard to read.
I have 2 nodes behind a router, on which I do some port forwarding, to access them from outside using my own domain name. So node1 would be accessible using domain:161 and node2 using domain:162, in https.
These nodes have my own SSL certificate, and it was working great until I put them in a new cluster.
I have created the cluster on node2 (more powerful hardware) and added node1 in it.
Since then I have the following issues :
Using the default SSL certificate
With Chrome
I cannot access the web interface by using the node_ip:8006. But I can access it if I add the server in my hosts file and use name_I_chose:8006. I cannot access it as well using the external domain:161
It have these errors in /var/log/daemon.log everytime I try to access the web interface :
Feb 24 22:07:05 node1 pveproxy[5777]: problem with client MY_IP; rsa_padding_check_pkcs1_type_1: block type is not 01
Feb 24 22:07:05 node1 pveproxy[5777]: Can't call method "timeout_reset" on an undefined value at /usr/share/perl5/PVE/HTTPServer.pm line 227.
With Edge
Here everything works both internally and externally.
Using my own SSL certificate
Here it is way simplier, nothing works, with any browser and no error message in /var/log/daemon.log. It just says :
Feb 24 21:45:55 node1 systemd[1]: Starting PVE API Proxy Server...
Feb 24 21:45:57 node1 pveproxy[5578]: Using '/etc/pve/local/pveproxy-ssl.pem' as certificate for the web interface.
Feb 24 21:45:57 node1 pveproxy[5588]: starting server
Feb 24 21:45:57 node1 pveproxy[5588]: starting 3 worker(s)
Feb 24 21:45:57 node1 pveproxy[5588]: worker 5589 started
Feb 24 21:45:57 node1 pveproxy[5588]: worker 5590 started
Feb 24 21:45:57 node1 pveproxy[5588]: worker 5591 started
On the browsers I have a nice page saying "we can't reach this page - ERR_CONNECTION_CLOSED".
Conclusion
So it looks like Chrome is not using the right padding scheme. But it was using the right one when the nodes were not in a cluster. And after the cluster was created, Proxmox does not handle other certificates correctly.
Did someone had or solved the same issue ?
Thank you a lot.
I came accross the error "401 - No ticket" for some time but solved it.