8b67fcbda1
- Created docs/00-meta/ for documentation meta files (11 files) - Created docs/archive/reports/ for reports (5 files) - Created docs/archive/issues/ for issue tracking (2 files) - Created docs/bridge/contracts/ for Solidity contracts (3 files) - Created docs/04-configuration/metamask/ for Metamask configs (3 files) - Created docs/scripts/ for documentation scripts (2 files) - Root directory now contains only 3 essential files (89.3% reduction) All recommended actions from docs directory review complete.
3.6 KiB
3.6 KiB
How to Fix SSL Certificate Error 596 on Each Proxmox Host
Error: error:0A000086:SSL routines::certificate verify failed (596)
Important: Host vs Container Commands
⚠️ These commands must be run on Proxmox HOST nodes, NOT inside containers.
pvecm updatecerts -f- Proxmox host command (not available in containers)systemctl restart pveproxy pvedaemon- Proxmox host services (not in containers)
Method 1: Automated Script (Recommended)
Run the fix on all Proxmox host nodes automatically:
cd /home/intlc/projects/proxmox
./scripts/fix-ssl-certificate-all-hosts.sh
This will:
- Connect to each Proxmox host node
- Run
pvecm updatecerts -fon each host - Restart
pveproxyandpvedaemonservices on each host - Verify services are running
Method 2: Manual Fix - One Host at a Time
For Each Proxmox Host Node:
Proxmox Host Nodes:
- ml110: 192.168.11.10
- r630-01: 192.168.11.11
- r630-02: 192.168.11.12
- r630-03: 192.168.11.13
- r630-04: 192.168.11.14
Commands to run on EACH host:
# SSH to the Proxmox host (NOT a container)
ssh root@<host-ip>
# Once on the host, run:
pvecm updatecerts -f
systemctl restart pveproxy pvedaemon
# Verify services are running
systemctl status pveproxy pvedaemon
Example for ml110:
ssh root@192.168.11.10
pvecm updatecerts -f
systemctl restart pveproxy pvedaemon
systemctl status pveproxy pvedaemon
exit
Example for r630-01:
ssh root@192.168.11.11
pvecm updatecerts -f
systemctl restart pveproxy pvedaemon
systemctl status pveproxy pvedaemon
exit
Method 3: Loop Through All Hosts
Run the fix on all hosts in a loop:
# List of Proxmox host IPs
HOSTS=(
"192.168.11.10" # ml110
"192.168.11.11" # r630-01
"192.168.11.12" # r630-02
"192.168.11.13" # r630-03
"192.168.11.14" # r630-04
)
# Fix each host
for HOST_IP in "${HOSTS[@]}"; do
echo "=== Fixing $HOST_IP ==="
ssh root@"$HOST_IP" "
pvecm updatecerts -f
systemctl restart pveproxy pvedaemon
systemctl status pveproxy pvedaemon --no-pager | head -5
"
echo ""
done
Method 4: Using pvesh (Proxmox API)
If you have API access configured:
# For each host, SSH and run:
ssh root@<host-ip> "pvecm updatecerts -f && systemctl restart pveproxy pvedaemon"
What NOT to Do
❌ Don't run these commands inside containers:
# WRONG - This won't work in a container
pct exec 100 -- pvecm updatecerts -f # ❌ pvecm doesn't exist in containers
pct exec 100 -- systemctl restart pveproxy # ❌ These services don't exist in containers
✅ Do run these commands on the Proxmox HOST:
# CORRECT - Run on the host itself
ssh root@192.168.11.10
pvecm updatecerts -f
systemctl restart pveproxy pvedaemon
Verification
After fixing, verify on each host:
# Check certificate
ssh root@<host-ip> "openssl x509 -in /etc/pve/pve-root-ca.pem -noout -dates"
# Check services
ssh root@<host-ip> "systemctl status pveproxy pvedaemon"
# Test web interface
curl -k -I https://<host-ip>:8006/
After Fixing All Hosts
- Clear browser cache and cookies
- Access Proxmox UI:
https://<host-ip>:8006 - Accept certificate warning if prompted (first time only)
Quick Reference
All Proxmox Host Nodes:
# Fix all hosts at once
for ip in 192.168.11.{10..14}; do
echo "Fixing $ip..."
ssh root@"$ip" "pvecm updatecerts -f && systemctl restart pveproxy pvedaemon"
done
Or use the automated script:
./scripts/fix-ssl-certificate-all-hosts.sh
Last Updated: 2026-01-27