Fix Nginx Problem

    • Resolved
    • OMV 3.x

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Fix Nginx Problem

      I am having some issues with updating my SSL certificate, and need to figure out how to remove the configuration for my old SSL certificate via the terminal because right now, I cannot get to my webui. Here is what happens when I try to start nginx. I think I can handle the SSL issues on my own, but I need help removing my SSL certificate settings so that I can get to the webui to clean up the rest of this mess.

      Source Code

      1. root@OpenMediaVault:/etc/nginx# nginx
      2. nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/openmediavault-15a12e09-d9c6-43c1-ab2f-7c239f69c5e0.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
      3. root@OpenMediaVault:/etc/nginx#
      I am going to tag @ryecoaaron @votdev and @subzero79 since I am sure they will know what to do.

      The post was edited 1 time, last by David B ().

    • Did you try omv-firstaid?

      If that doesn't work, look for that uuid in the key filename in /etc/openmediavault/config.xml and remove it (make a backup of the database first). Then omv-mkconf nginx
      omv 4.1.13 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • David B wrote:

      ryecoaaron wrote:

      Did you try omv-firstaid?

      If that doesn't work, look for that uuid in the key filename in /etc/openmediavault/config.xml and remove it (make a backup of the database first). Then omv-mkconf nginx
      Thanks! Manually editing the config.xml worked! I had already tried the omv-firstaid beforehand and it didn't work.
      I got the exact problem as you. Can you tell me your steps to solve?
    • penguinsam wrote:

      David B wrote:

      ryecoaaron wrote:

      Did you try omv-firstaid?

      If that doesn't work, look for that uuid in the key filename in /etc/openmediavault/config.xml and remove it (make a backup of the database first). Then omv-mkconf nginx
      Thanks! Manually editing the config.xml worked! I had already tried the omv-firstaid beforehand and it didn't work.
      I got the exact problem as you. Can you tell me your steps to solve?
      Sure! First, execute the following commands in the order that is listed.

      1. cd /etc/openmediavault
      2. cp -v config.xml config.xml.bak
      3. nano config.xm
      This is where things get a little difficult. Find the <sslcertificate> tag in the file, and find the matching </sslcertificate> tag. Erase everything between those two tags. This will remove all SSL certificates. Depending on your settings, you may also have to find the <enablessl> and </enablessl> tags and change the value in between them from 1 to 0. You may also have to change the value between <forcesslonly> and </forcesslonly> from 1 to 0.

      Save your changes to the file (press ctrl+x, then 'y'). After you have exited the text editor, type omv-mkconf nginx. Assuming that this works properly, you should now be able to access your web UI. If you didn't get any errors, but it is still not accessible, try a reboot.

      If you suspect that you made a mistake when editing your config.xml file, you can restore it by executing the following command: cp -v config.xml.bak config.xml

      Hope this helps!
    • David B wrote:

      penguinsam wrote:

      David B wrote:

      ryecoaaron wrote:

      Did you try omv-firstaid?

      If that doesn't work, look for that uuid in the key filename in /etc/openmediavault/config.xml and remove it (make a backup of the database first). Then omv-mkconf nginx
      Thanks! Manually editing the config.xml worked! I had already tried the omv-firstaid beforehand and it didn't work.
      I got the exact problem as you. Can you tell me your steps to solve?
      Sure! First, execute the following commands in the order that is listed.
      1. cd /etc/openmediavault
      2. cp -v config.xml config.xml.bak
      3. nano config.xm
      This is where things get a little difficult. Find the <sslcertificate> tag in the file, and find the matching </sslcertificate> tag. Erase everything between those two tags. This will remove all SSL certificates. Depending on your settings, you may also have to find the <enablessl> and </enablessl> tags and change the value in between them from 1 to 0. You may also have to change the value between <forcesslonly> and </forcesslonly> from 1 to 0.

      Save your changes to the file (press ctrl+x, then 'y'). After you have exited the text editor, type omv-mkconf nginx. Assuming that this works properly, you should now be able to access your web UI. If you didn't get any errors, but it is still not accessible, try a reboot.

      If you suspect that you made a mistake when editing your config.xml file, you can restore it by executing the following command: cp -v config.xml.bak config.xml

      Hope this helps!
      Thanks a lot! I finally get back to web UI and reinstall letsencrypt to get everything back to track...
    • I get the same error but I think for a different reason.

      Source Code

      1. Dec 19 09:54:29 openmediavault nginx[5272]: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/ssl/private/openmediavault-a117bafb-2f78-4c46-a993-2ffade5525e4.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
      2. Dec 19 09:54:29 openmediavault nginx[5272]: nginx: configuration file /etc/nginx/nginx.conf test failed
      3. Dec 19 09:54:29 openmediavault systemd[1]: nginx.service: control process exited, code=exited status=1
      4. Dec 19 09:54:29 openmediavault systemd[1]: Failed to start A high performance web server and a reverse proxy server.
      5. Dec 19 09:54:29 openmediavault systemd[1]: Unit nginx.service entered failed state.
      I deleted the /etc/letsencrypt/ directory to solve a problem I had with renewal the letsencrypt certificate. It was probably the same issue as described in this thread: Let's Encrypt renew problem. The renewal worked after that but I accidentally set the webroot to /var/www/openmediavault/ instead of /srv/dev-disk-by-label-MainPool/nextcloud/ when I generated a new certificate.

      I tried the solution mentioned above but it didn't do the trick. Is there something I could do about that? Maybe with certbot or generating a new certificate. I only need one for my nextcloud.

      Edit:
      I deleted everything between the sslcertificate tags, executed omv-mkconf nginx, removed the link [tt]/etc/nginx/sites-enabled/zzz-something[tt] and did a restart of the nginx service. After that I was able to log in to the webgui. I thought it would be a good idea to delete the certificate at Services/LetsEncrypt and System/Certificates but the delete button was greyed-out. So I generated a new Certificate with the correct webroot path and did a reboot. Now there is no certificate at System/Certificates/SSL and I get the following error when I click on Certificates or General Settings:


      Source Code

      1. Argument 1 passed to OMV\Config\ConfigObject::setAssoc() must be of the type array, string given, called in /usr/share/php/openmediavault/config/database.inc on line 85 and defined

      Is there a way to fix this. Maybe backup all settings and reinstall OMV? It would be really great if someone could help me.

      The post was edited 1 time, last by suisujin ().