d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
cb47cce074da46f3ce5910b752d435c4a3ee87d0
proxmox/docs/PROXMOX_SSL_CERTIFICATE_FIX.md
defiQUG cb47cce074 Complete markdown files cleanup and organization 
- Organized 252 files across project
- Root directory: 187 → 2 files (98.9% reduction)
- Moved configuration guides to docs/04-configuration/
- Moved troubleshooting guides to docs/09-troubleshooting/
- Moved quick start guides to docs/01-getting-started/
- Moved reports to reports/ directory
- Archived temporary files
- Generated comprehensive reports and documentation
- Created maintenance scripts and guides

All files organized according to established standards.
2026-01-06 01:46:25 -08:00

2.4 KiB
Raw Blame History

Proxmox VE SSL Certificate Fix - Error 596

Date: 2025-01-20
Error: Connection error 596: error:0A000086:SSL routines::certificate verify failed
Status: Fixed

Problem

The Proxmox VE UI displays:

Connection error 596: error:0A000086:SSL routines::certificate verify failed

This SSL certificate verification error prevents the UI from connecting to the Proxmox API.

Solution Applied

Fix: Regenerate Cluster Certificates

Regenerated SSL certificates on all Proxmox nodes using:

pvecm updatecerts -f
systemctl restart pveproxy pvedaemon

Executed on:

  • ml110 (192.168.11.10) - Cluster master
  • r630-01 (192.168.11.11)
  • r630-02 (192.168.11.12)

What This Does

pvecm updatecerts -f:

  • Forces regeneration of all cluster SSL certificates
  • Updates the certificate chain
  • Regenerates node-specific certificates
  • Updates the root CA certificate if needed

Next Steps

  1. Clear browser cache and cookies

    • Chrome/Edge: Settings → Privacy → Clear browsing data → Advanced
    • Firefox: Settings → Privacy & Security → Clear Data

  2. Access Proxmox UI

    • URL: https://<node-ip>:8006
    • Example: https://192.168.11.10:8006

  3. Accept certificate warning (if prompted)

    • First-time access may show a security warning
    • Click "Advanced" → "Proceed to site"
    • This is normal for self-signed certificates

Verification

To verify the fix worked:

# Check certificate validity
openssl x509 -in /etc/pve/pve-root-ca.pem -noout -dates

# Check services are running
systemctl status pveproxy pvedaemon

If Issue Persists

  1. Clear browser SSL state:

    • Chrome: Settings → Privacy → Clear browsing data → Advanced → "Cached images and files"
    • Firefox: Settings → Privacy & Security → Clear Data → "Cached Web Content"

  2. Check system time:

    date  # Verify time is correct
# If wrong, sync: ntpdate -s time.nist.gov

  3. Try accessing via IP address directly (not hostname)

  4. Check firewall: Ensure port 8006 is accessible

Script Created

Script: scripts/fix-proxmox-ssl-simple.sh

Can be run to regenerate certificates on all nodes:

./scripts/fix-proxmox-ssl-simple.sh

Status

Certificates regenerated on all nodes
Services restarted
Fix complete

Last Updated: 2025-01-20
Status: FIXED

Reference in New Issue View Git Blame Copy Permalink