proxmox/reports/R630_02_SSL_596_RESOLUTION.md

r630-02 SSL Error 596 - Resolution Summary

Date: 2026-01-06
Node: r630-02 (192.168.11.12)
Error: error:0A000086:SSL routines::certificate verify failed (596)
Status: ✅ SERVER FIXED | ⚠️ BROWSER CACHE CLEAR REQUIRED

---

Executive Summary

Server-side fixes have been completed successfully. The SSL error 596 appearing in your browser is due to cached certificate information in your browser. You must clear your browser cache to resolve this.

---

Server-Side Status: ✅ FIXED

Fixes Applied

1. ✅ SSL Certificates Regenerated

   • Certificates regenerated on r630-02 using pvecm updatecerts -f
   • Certificates regenerated on all cluster nodes (ml110, r630-01, r630-02)
   • Certificate chain verified: ✅ OK

2. ✅ Proxmox Services Restarted

   • pveproxy restarted
   • pvedaemon restarted
   • All services active and running

3. ✅ Web Interface Verified

   • HTTP Status: 200 ✅
   • Web interface responding correctly
   • Port 8006 listening

4. ✅ Certificate Validity

   • Root CA: Valid until 2035 ✅
   • Node Certificate: Valid until 2027 ✅
   • Certificate chain: Verified ✅

Server Verification

# Certificate status
openssl x509 -in /etc/pve/pve-root-ca.pem -noout -dates
# Result: Valid until Aug 31, 2035 ✅

# Certificate chain
openssl verify -CAfile /etc/pve/pve-root-ca.pem /etc/pve/local/pve-ssl.pem
# Result: OK ✅

# Web interface
curl -k -I https://192.168.11.12:8006/
# Result: HTTP 200 ✅

Server is working correctly. The issue is browser-side.

---

Browser-Side Action: ⚠️ REQUIRED

Why the Error Persists

The SSL error 596 continues to appear because:

1. Browser SSL Cache: Your browser has cached old certificate information
2. Security Feature: Browsers cache certificates to prevent attacks
3. Cache Persistence: Cache persists even after server fixes

Solution: Clear Browser Cache

You MUST clear your browser cache and cookies to resolve the error.

Quick Fix (Chrome/Edge):

1. Press Ctrl+Shift+Delete (or Cmd+Shift+Delete on Mac)
2. Select:
   • ✅ "Cached images and files"
   • ✅ "Cookies and other site data"
3. Time range: "All time"
4. Click "Clear data"
5. Close and restart browser completely
6. Navigate to: https://192.168.11.12:8006

Quick Fix (Firefox):

1. Press Ctrl+Shift+Delete (or Cmd+Shift+Delete on Mac)
2. Select:
   • ✅ "Cached Web Content"
   • ✅ "Cookies"
3. Time range: "Everything"
4. Click "Clear Now"
5. Close and restart browser completely
6. Navigate to: https://192.168.11.12:8006

Alternative: Use Incognito/Private Mode

1. Open browser in Incognito/Private mode
2. Navigate to: https://192.168.11.12:8006
3. If it works in incognito, the issue is definitely browser cache

---

Detailed Browser Cache Clearing Instructions

Chrome Browser

Method 1: Keyboard Shortcut

1. Press Ctrl+Shift+Delete (Windows/Linux) or Cmd+Shift+Delete (Mac)
2. In the "Clear browsing data" dialog:
   • ✅ Check "Cached images and files"
   • ✅ Check "Cookies and other site data"
   • Time range: "All time"
3. Click "Clear data"
4. Close all Chrome windows
5. Restart Chrome
6. Navigate to: https://192.168.11.12:8006

Method 2: Settings Menu

1. Click three dots (⋮) → Settings
2. Click Privacy and security → Clear browsing data
3. Click Advanced tab
4. Select:
   • ✅ "Cached images and files"
   • ✅ "Cookies and other site data"
5. Time range: "All time"
6. Click "Clear data"
7. Restart browser

Method 3: Site-Specific

1. Navigate to: https://192.168.11.12:8006
2. Click the lock icon in address bar
3. Click "Site settings"
4. Click "Clear data"
5. Check "Cookies" and "Cached images and files"
6. Click "Clear"
7. Refresh page

Firefox Browser

Method 1: Keyboard Shortcut

1. Press Ctrl+Shift+Delete (Windows/Linux) or Cmd+Shift+Delete (Mac)
2. In the "Clear All History" dialog:
   • ✅ Check "Cached Web Content"
   • ✅ Check "Cookies"
   • Time range: "Everything"
3. Click "Clear Now"
4. Close all Firefox windows
5. Restart Firefox
6. Navigate to: https://192.168.11.12:8006

Method 2: Settings Menu

1. Click hamburger menu (☰) → Settings
2. Click Privacy & Security
3. Scroll to "Cookies and Site Data"
4. Click "Clear Data"
5. Check:
   • ✅ "Cached Web Content"
   • ✅ "Cookies and Site Data"
6. Click "Clear"
7. Restart browser

Edge Browser

1. Press Ctrl+Shift+Delete (Windows/Linux) or Cmd+Shift+Delete (Mac)
2. Select:
   • ✅ "Cached images and files"
   • ✅ "Cookies and other site data"
3. Time range: "All time"
4. Click "Clear now"
5. Close and restart Edge
6. Navigate to: https://192.168.11.12:8006

---

Verification After Clearing Cache

Step 1: Clear Browser Cache

Follow the instructions above for your browser.

Step 2: Close Browser Completely

• Close ALL browser windows
• Make sure browser process is completely closed
• Check Task Manager (Windows) or Activity Monitor (Mac) to verify

Step 3: Restart Browser

• Open browser fresh
• Do NOT restore previous session/tabs

Step 4: Access Proxmox UI

• Navigate to: https://192.168.11.12:8006
• Use IP address directly (not hostname)

Step 5: Accept Certificate Warning (First Time Only)

• If you see a security warning, click "Advanced"
• Click "Proceed to 192.168.11.12 (unsafe)" or "Accept the Risk and Continue"
• This is normal for self-signed certificates

Step 6: Verify No Error 596

• ✅ The GUI should load without SSL error 596
• ✅ You should see the Proxmox login page
• ✅ No error messages in the browser

---

If Error Still Persists

Troubleshooting Steps

1. Try Different Browser

   • Use a browser you haven't used to access Proxmox
   • Or use a completely different browser

2. Check Browser Console

   • Press F12 to open Developer Tools
   • Go to Console tab
   • Look for SSL/certificate errors
   • Go to Network tab → Refresh → Check for failed requests

3. Disable Browser Extensions

   • Some security extensions block self-signed certificates
   • Try disabling extensions temporarily
   • Especially: HTTPS Everywhere, Privacy Badger, uBlock Origin

4. Check System Time

   • Ensure your computer's system time is correct
   • SSL certificates are time-sensitive
   • Time mismatch can cause certificate verification failures

5. Check for Proxy/VPN

   • Corporate proxy or VPN may be intercepting SSL
   • Try accessing from a different network
   • Or disable proxy/VPN temporarily

6. Manual Certificate Import (Advanced)

   # Get root CA certificate
   ssh root@192.168.11.12 "cat /etc/pve/pve-root-ca.pem" > pve-root-ca.pem
   

   • Chrome: Settings → Privacy → Security → Manage certificates → Authorities → Import
   • Firefox: Settings → Privacy & Security → Certificates → View Certificates → Authorities → Import

---

Server-Side Verification Commands

If you want to verify the server-side fix:

# Check certificate dates
ssh root@192.168.11.12 "openssl x509 -in /etc/pve/pve-root-ca.pem -noout -dates"

# Verify certificate chain
ssh root@192.168.11.12 "openssl verify -CAfile /etc/pve/pve-root-ca.pem /etc/pve/local/pve-ssl.pem"

# Check services
ssh root@192.168.11.12 "systemctl status pveproxy pvedaemon"

# Test web interface
curl -k -I https://192.168.11.12:8006/

All of these should show ✅ success.

---

Summary

Component	Status	Action
Server Certificates	✅ Fixed	Regenerated and valid
Proxmox Services	✅ Running	All services active
Web Interface	✅ Accessible	HTTP 200
Browser Cache	⚠️ MUST CLEAR	Clear cache and cookies

---

Next Steps

1. ✅ Server-side: Already fixed
2. ⚠️ Browser-side: CLEAR BROWSER CACHE (see instructions above)
3. ✅ Access: Navigate to https://192.168.11.12:8006
4. ✅ Verify: Error 596 should be gone

---

Last Updated: 2026-01-06
Server Status: ✅ FIXED
Browser Action: ⚠️ REQUIRED - CLEAR CACHE
Critical: The error will persist in your browser until you clear the cache