Secure Connection Failed

**NethServer Version:7.9

Hi,
I tried to change the SSL Cert by uploading a wildcard ssl to the server but I received an error message when tried to set the cert for a reverse proxy and since then the web gui is unreachable, the reverse proxy isn’t working.
When I try to open the gui I receive the following error:

Screenshot 2022-09-16 at 14.52.311800×900 123 KB

the /var/www/html folder contains only a .well-known folder witch has another empty folder in it.
I had no web pages on the server but I’m not sure if this should be empty, or where actually is the Nethserver webpage at all.

The vpn is working on the server.

Please help me restore the server so I could reach the gui and get the reverse proxy to work.
thx

Nethserver… 7.6? Really?

I wasn’t sure, since it’s not working I couldn’t check, corrected to 7.9

Can you access via SSH?

yes I can

You can “reset” configuration to default certificate:

Do not know about the reverse proxy.

Hi
unfortunately:
config: command not found

created new key and a self signed certificate, copied them into place, now the httpd service is able to start but the web gui still won’t load, the same error appears

as root user?

not, just sudoer, should I do it as root?

yes, as root… you cau use su - to switch to

did as root but I got the same result.
here is what I did as root:
openssl genrsa -out domain.key 2048
openssl req -key domain.key -new -out domain.csr
openssl x509 -signkey domain.key -in domain.csr -req -days 730 -out domain.crt
cp domain.crt /etc/pki/tls/certs/localhost.crt
cp domain.key /etc/pki/tls/private/localhost.key
service httpd restart

what about the config commands? you get command not found as root?
cockpit (port 9090) does not rely on httpd (IIRC). Old server manager (neth-gui, port 980 relies on apache but has configured it’s own service httpd-admin)

there are a couple of cockpit services (if memory serves me well):

systemctl status -l cockpit.service cockpit.socket

[root@ad gyaradm]# config
bash: config: command not found

[root@ad gyaradm]# systemctl status -l cockpit.service cockpit.socket
part of the reply:
● cockpit.socket - Cockpit Web Service Socket
Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: disabled)
Active: active (listening) since Fri 2022-09-16 19:58:23 CEST; 1min 59s ago
Docs: man:cockpit-ws(8)
Listen: [::]:9090 (Stream)
Process: 2076 ExecStartPost=/bin/ln -snf active.motd /run/cockpit/motd (code=exited, status=0/SUCCESS)
Process: 2067 ExecStartPost=/usr/share/cockpit/motd/update-motd localhost (code=exited, status=0/SUCCESS)

Sep 16 19:58:23 ad.gyar.hu systemd[1]: Starting Cockpit Web Service Socket.
Sep 16 19:58:23 ad.gyar.hu systemd[1]: Listening on Cockpit Web Service Socket.

/usr/sbin/e-smith/config

Then the Path variable might be missing something.

Edit:

[root@ad gyaradm]# /usr/sbin/e-smith/config show pki
pki=configuration
CertificateDuration=3650
ChainFile=
CommonName=
CountryCode=
CrtFile=/etc/pki/tls/certs/wildcard.crt
EmailAddress=
KeyFile=/etc/pki/tls/private/wildcard.key
LetsEncryptChallenge=http
LetsEncryptDomains=internal.gyar.hu
LetsEncryptMail=andras@gyar.hu
LetsEncryptShortChain=enabled
Locality=
Organization=
OrganizationalUnitName=
State=
SubjectAltName=
[root@ad gyaradm]#

/usr/sbin/e-smith/config show pki    #just to know current settings
/usr/sbin/e-smith/config setprop pki CrtFile ''
/usr/sbin/e-smith/config setprop pki KeyFile ''
/usr/sbin/e-smith/config setprop pki ChainFile ''
/usr/sbin/e-smith/signal-event certificate-update

PATH variable (according to above post)

after these commands:
[root@ad gyaradm]# /usr/sbin/e-smith/config show pki
pki=configuration
CertificateDuration=3650
ChainFile=
CommonName=
CountryCode=
CrtFile=
EmailAddress=
KeyFile=
LetsEncryptChallenge=http
LetsEncryptDomains=internal.gyar.hu
LetsEncryptMail=andras@gyar.hu
LetsEncryptShortChain=enabled
Locality=
Organization=
OrganizationalUnitName=
State=
SubjectAltName=

and the webgui is working!!!

thank you very much, you were a great help
many thanks!!!