Server certificate verification failed when updating

From Proxmox VE
Revision as of 11:09, 18 July 2017 by Emmanuel Kasper (talk | contribs) (fix word breaks)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

If you're running PVE 4.2 or older, and get the following error

Err jessie/pve-enterprise amd64 Packages
server certificate verification failed. CAfile: /etc/apt/pve-repo-ca-certificates.crt CRLfile: none
W: Failed to fetch server certificate verification failed. CAfile: /etc /apt/pve-repo-ca-certificates.crt CRLfile: none

you need to remove the lines "/etc/apt/pve-repo-ca-certificates.crt"; "true";

in /etc/apt/apt.conf.d/75pveconf


The SSL certificate for the host has changed.

  • Before PVE 4.2.18 the SSL certificate used to access was hardcoded to expected a SSL certificate signed by StartCom.
  • In PVE 4.2.18, released in August 2016 this limitation was removed.
  • In July 2017, after waiting one year to let people on the PVE 4.x branch upgrade, we changed the SSL certificate on to use a let's encrypt certificate.

Hence people running old versions who did not upgrade in the one year time slot expect a StartCom signed SSL certificate, and get the error when receving the new let's encrypt cert.