Fix Nginx Problem

  • I am having some issues with updating my SSL certificate, and need to figure out how to remove the configuration for my old SSL certificate via the terminal because right now, I cannot get to my webui. Here is what happens when I try to start nginx. I think I can handle the SSL issues on my own, but I need help removing my SSL certificate settings so that I can get to the webui to clean up the rest of this mess.

    Code
    root@OpenMediaVault:/etc/nginx# nginx
    nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/openmediavault-15a12e09-d9c6-43c1-ab2f-7c239f69c5e0.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
    root@OpenMediaVault:/etc/nginx#

    I am going to tag @ryecoaaron @votdev and @subzero79 since I am sure they will know what to do.

    • Offizieller Beitrag

    Did you try omv-firstaid?


    If that doesn't work, look for that uuid in the key filename in /etc/openmediavault/config.xml and remove it (make a backup of the database first). Then omv-mkconf nginx

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Did you try omv-firstaid?


    If that doesn't work, look for that uuid in the key filename in /etc/openmediavault/config.xml and remove it (make a backup of the database first). Then omv-mkconf nginx

    Thanks! Manually editing the config.xml worked! I had already tried the omv-firstaid beforehand and it didn't work.

  • I got the exact problem as you. Can you tell me your steps to solve?

    Sure! First, execute the following commands in the order that is listed.


    • cd /etc/openmediavault
    • cp -v config.xml config.xml.bak
    • nano config.xm

    This is where things get a little difficult. Find the <sslcertificate> tag in the file, and find the matching </sslcertificate> tag. Erase everything between those two tags. This will remove all SSL certificates. Depending on your settings, you may also have to find the <enablessl> and </enablessl> tags and change the value in between them from 1 to 0. You may also have to change the value between <forcesslonly> and </forcesslonly> from 1 to 0.


    Save your changes to the file (press ctrl+x, then 'y'). After you have exited the text editor, type omv-mkconf nginx. Assuming that this works properly, you should now be able to access your web UI. If you didn't get any errors, but it is still not accessible, try a reboot.


    If you suspect that you made a mistake when editing your config.xml file, you can restore it by executing the following command: cp -v config.xml.bak config.xml


    Hope this helps!

  • Thanks a lot! I finally get back to web UI and reinstall letsencrypt to get everything back to track...

  • I get the same error but I think for a different reason.

    Code
    Dec 19 09:54:29 openmediavault nginx[5272]: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/openmediavault-a117bafb-2f78-4c46-a993-2ffade5525e4.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
    Dec 19 09:54:29 openmediavault nginx[5272]: nginx: configuration file /etc/nginx/nginx.conf test failed
    Dec 19 09:54:29 openmediavault systemd[1]: nginx.service: control process exited, code=exited status=1
    Dec 19 09:54:29 openmediavault systemd[1]: Failed to start A high performance web server and a reverse proxy server.
    Dec 19 09:54:29 openmediavault systemd[1]: Unit nginx.service entered failed state.

    I deleted the /etc/letsencrypt/ directory to solve a problem I had with renewal the letsencrypt certificate. It was probably the same issue as described in this thread: Let's Encrypt renew problem. The renewal worked after that but I accidentally set the webroot to /var/www/openmediavault/ instead of /srv/dev-disk-by-label-MainPool/nextcloud/ when I generated a new certificate.


    I tried the solution mentioned above but it didn't do the trick. Is there something I could do about that? Maybe with certbot or generating a new certificate. I only need one for my nextcloud.


    Edit:
    I deleted everything between the sslcertificate tags, executed omv-mkconf nginx, removed the link [tt]/etc/nginx/sites-enabled/zzz-something[tt] and did a restart of the nginx service. After that I was able to log in to the webgui. I thought it would be a good idea to delete the certificate at Services/LetsEncrypt and System/Certificates but the delete button was greyed-out. So I generated a new Certificate with the correct webroot path and did a reboot. Now there is no certificate at System/Certificates/SSL and I get the following error when I click on Certificates or General Settings:



    Code
    Argument 1 passed to OMV\Config\ConfigObject::setAssoc() must be of the type array, string given, called in /usr/share/php/openmediavault/config/database.inc on line 85 and defined


    Is there a way to fix this. Maybe backup all settings and reinstall OMV? It would be really great if someone could help me.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!