[SOLVED] TASK ERROR: Failed to initialize HTTP daemon

Tealk

Tealk

Member
Proxmox Subscriber
Sep 28, 2020
99
6
13
Hi,

I get the following error when renewing the certificate:
Code: 
Loading ACME account details
Placing ACME order
Order URL: https://acme-v02.api.letsencrypt.org/acme/order/97691557/6570515841

Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz-v3/9035202833'
The validation for proxmox.anzah.network is pending!
Setting up webserver

TASK ERROR: Failed to initialize HTTP daemon

Port 80 is taken by nginx, but surely this is used by Proxmox?
Code: 
netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name   
tcp        0      0 127.0.0.1:85            0.0.0.0:*               LISTEN      9211/pvedaemon work
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      12609/sshd         
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      16597/master       
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      9097/nginx: master 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      9097/nginx: master 
tcp6       0      0 :::22                   :::*                    LISTEN      12609/sshd         
tcp6       0      0 :::3128                 :::*                    LISTEN      1289/spiceproxy     
tcp6       0      0 :::25                   :::*                    LISTEN      16597/master       
tcp6       0      0 :::443                  :::*                    LISTEN      9097/nginx: master 
tcp6       0      0 :::8006                 :::*                    LISTEN      11127/pveproxy     
tcp6       0      0 :::80                   :::*                    LISTEN      9097/nginx: master
 
Nginx must have been installed manually after the last Letsencrypt verification because PVE is not using it at all. The HTTP validation method for Letsencrypt is trying to start its own small webserver on port 80 for the verification which fails because Nginx already did bind to that port.

Do you really need the nginx listening on port 80? If not, reconfigure it accordingly. Then the verification process should work.
 
Any chance to set the port to anything else?
I have a reverse proxy running on the Proxmox host which I cannot stop every time I have to renew the certificate
 
no. if you need the reverse proxy on the IP that the PVE domain resolves to you have two options:
- use the DNS plugin (requires support from your DNS provider/server)
- use nginx to obtain the certificate (via whatever ACME client) and just give it to PVE (pvenode cert set ..) after each renewal, instead of using the PVE built-in ACME support
 
fabian said:
- use nginx to obtain the certificate (via whatever ACME client) and just give it to PVE (pvenode cert set ..) after each renewal, instead of using the PVE built-in ACME support
Click to expand...
What should the command look like?

Code: 
pvenode cert set /path/to/cert /path/to/key --force --restart
 
yes.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back