Proxmox VE noVNC SSL Issue

kvm: -vnc unix:/var/run/qemu-server/105.vnc,x509,password: Failed to start VNC server: Unable to access credentials /etc/pve/local/pve-ssl.pem: No such file or directory
TASK ERROR: start failed: command ‘/usr/bin/kvm -id 105 -chardev……

Revert to default SSL configuration

rm -rf /etc/pve/pve-root-ca.pem
rm -rf /etc/pve/priv/pve-root-ca.key
rm -rf /etc/pve/nodes/pve01/pve-ssl.pem
rm -rf /etc/pve/nodes/pve01/pve-ssl.key
rm /etc/pve/pve-root-ca.pem /etc/pve/priv/pve-root-ca.key

pvecm updatecerts -f
systemctl restart pveproxy

Add Let’s Encrypt SSL Certificate to Nagios 4.x running on CentOS 7

The easiest way to install Let’s Encrypt client by cloning github repository. To install git on your system you must enable Epel repositories with the following command

yum -y install epel-release

Install git client

yum -y install git

Change directory and go to /usr/src

cd /usr/src/

Clone Let’s Encrypt Client from Github

git clone https://github.com/letsencrypt/letsencrypt 
cd /usr/src/letsencrypt

Run letsencrypt-auto script with your domain name

./letsencrypt-auto --apache -d FullyQualifiedDomainName

This Script will download and install all necessary packages.

Answer following questions.

- Enter email address ( Used for urgent renewal and security notices)
- Please read the Terms of Service and Accept it
- Would you be willing to share your email.....
- Select ssl.conf

IMPORTANT NOTES: – Congratulations! Your certificate and chain have been saved at:   /etc/letsencrypt/live/ YourFullDomainName/fullchain.pem   Your key file has been saved at:   /etc/letsencrypt/live/YourFullDomainName /privkey.pem   Your cert will expire on 2017-11-12. To obtain a new or tweaked   version of this certificate in the future, simply run   letsencrypt-auto again with the “certonly” option. To   non-interactively renew *all* of your certificates, run   “letsencrypt-auto renew” – Your account credentials have been saved in your Certbot   configuration directory at /etc/letsencrypt. You should make a   secure backup of this folder now. This configuration directory will   also contain certificates and private keys obtained by Certbot so   making regular backups of this folder is ideal.

Certificate has been installed successfully.

Let’s Encrypt certificate is only valid for 90 days. To renew automatically add following line to your corn job.

0 1 12 * * /usr/src/letsencrypt/certbot-auto renew

Add Let’s Encrypt Certificate to Webmin

Login to Webmin site using https://your-domain-name.com:10000

Once you log in, you will see Webmin Dashboard.

Click on your server’s hostname

You will be presented Hostname and DNS Client page.

Enter a fully qualified Domain Name into hostname filed and click on Save.

Go to Webmin Configuration then select SSL Encryption

Using following screen obtains and renew certificate.

We can setup Webmin to automatically renew certificate.

Hostname for certificate: Make sure you have typed correct Fully Qualified Domain Name

Website root directory for validation file: Enter /var/www/html/

Months between automatic renewal:  Select the radio button to the left of the input box and type 1 in the input box

Click on Request Certificate Button

After a few seconds, you will see a confirmation screen.

Restart Webmin

Reload the Webmin page and you browser will show valid certificate.