SSL certificate problem: certificate has expired -- the OpenSSL 1.0.2 vs LetsEncrypt issue

How helpful was this to resolving the certificate is expired issue?

  • Not technical enough

    Votes: 0 0.0%
  • You suck, Grinch!

    Votes: 0 0.0%

  • Total voters
    8
  • Poll closed .

marcevan

Patron
Joined
Dec 15, 2013
Messages
432
Already did. And used post #21 to update the certs, but all that still doesn't let me add a series or import from disk.

Noticed when I tested an indexer and it fails the log shows:

-- : Unable to connect to indexer, check the log for more details
2022-02-17 17:15:22.8|Debug|Api|[POST] /api/v3/indexer/test: 400.BadRequest (27 ms)
2022-02-17 17:15:39.5|Debug|Api|[GET] /api/v3/health: 200.OK (0 ms)
2022-02-17 17:15:39.5|Debug|Api|[GET] /api/v3/system/status: 200.OK (0 ms)
2022-02-17 17:15:39.5|Debug|DiskProvider|Unable to get free space for '/', unable to find suitable drive
2022-02-17 17:15:39.5|Debug|Api|[GET] /api/v3/diskspace: 200.OK (2 ms)
2022-02-17 17:15:40.5|Debug|Api|[GET] /api/v3/log/file: 200.OK (4 ms)
 

justonarnar

Cadet
Joined
Feb 25, 2017
Messages
2
I was able to resolve the read-only file system error with the help of https://www.truenas.com/community/t...icates-after-latest-update.96008/#post-665104, but without importing the cacert from some random website:

Inside effected jail
* edit /usr/local/share/certs/ca-root-nss.crt and delete the Root CA X3 cert, as jcreco said
* run cert-sync --user /usr/local/share/certs/ca-root-nss.crt which shouldn't throw read-only errors

Outside jail
Copy .config/.mono from inside the jail (one that was just updated with cert-sync), into the base template:
* cp -R /mnt/<POOL NAME>/iocage/jails/<JAIL NAME>/root/root/.config/.mono /mnt/<POOL NAME>/iocage/releases/<JAIL RELEASE NAME>/root/usr/share/.mono

for example if your pool is named tank, your jail was testjail, and that jail was on freebsd 12.2, you would use cp -R /mnt/tank/iocage/jails/testjail/root/root/.config/.mono /mnt/tank/iocage/releases/12.2-RELEASE/root/usr/share/.mono
 

Jedge

Cadet
Joined
Aug 23, 2021
Messages
8
Hi guy's, I've been trying to solve this update error by myself following the recommanded advice here, but keep getting this "Unable to connect to url https://update-master.ixsystems.com/TrueNAS/TrueNAS-13.0-STABLE/LATEST: Automatic update check failed. Please check system network settings."

From the shell I can resolve the server name without problem, I've deleted the DST Root CA X3 certificates, rebooted, and still stuck with this error.
I installed also the latest Truenas Core "TrueNAS-13.0-U2-manual-update" manual file and it did not solve anything either :/

Any advice before I scrap my boot system ?
 

Samuel Tai

Never underestimate your own stupidity
Moderator
Joined
Apr 24, 2020
Messages
5,398
Do you have a default gateway configured? What does Network->Network Summary show?
 

Jedge

Cadet
Joined
Aug 23, 2021
Messages
8
Hi, this :

Network Summary

Interfaces​


Name
IPv4 Address
IPv6 Address

bge1
192.168.1.5/5
fe80::af1:eaff:fe8d:ba27/64

Default Routes​


router192.168.1.1

Nameservers​


dns192.168.1.1
 

Jedge

Cadet
Joined
Aug 23, 2021
Messages
8
I have another Truenas fresh installation with the same settings and it works just fine.
 

Samuel Tai

Never underestimate your own stupidity
Moderator
Joined
Apr 24, 2020
Messages
5,398
Your IPv4 mask looks wrong. Is it really /5? Usually, for a 192.168.x.x network, the mask is /24.
 

Jedge

Cadet
Joined
Aug 23, 2021
Messages
8
I'm stupid, I took that for an IP range, not a netmask (windows man inside), thank you very much, it's woring now:)
 
Top