Unable to login to Nethserver- blank page

Arthur · January 5, 2022, 6:39am

NethServer Version: 7.9.2009 (I have tried the newer version and the result was the same so I reverted back)
Module: your_module
Hello,
It’s not possible to login on Nethserver’s Cockpit - the blank page is displayed. During the logon the following output is seen

sudo journalctl -b | grep cockpit

`Jan 05 08:34:22 srv.domain.local remotectl[875]: /usr/bin/chcon: can’t apply partial context to unlabeled file ‘/etc/cockpit/ws-certs.d/99-nethserver.cert’
Jan 05 08:34:22 srv.domain.local remotectl[875]: remotectl: couldn’t change SELinux type context ‘etc_t’ for certificate: /etc/cockpit/ws-certs.d/99-nethserver.cert: Child process exited with code 1
Jan 05 08:34:22 srv.domain.local cockpit-ws[878]: Using certificate: /etc/cockpit/ws-certs.d/99-nethserver.cert
Jan 05 08:34:25 srv.domain.local cockpit-ws[878]: couldn’t read from connection: Peer sent fatal TLS alert: Unknown certificate
Jan 05 08:34:36 srv.domain.local cockpit-session[916]: pam_listfile(cockpit:auth): Refused user root for service cockpit
Jan 05 08:34:36 srv.domain.local cockpit-session[916]: pam_ssh_add: Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)
Jan 05 08:34:36 srv.domain.local cockpit-session[916]: pam_unix(cockpit:session): session opened for user root by (uid=0)
Jan 05 08:34:42 srv.domain.local cockpit-ws[878]: logged in user session
Jan 05 08:34:52 srv.domain.local cockpit-ws[878]: couldn’t read from connection: Peer sent fatal TLS alert: Unknown certificate
Jan 05 08:34:52 srv.domain.local cockpit-ws[878]: couldn’t read from connection: Peer sent fatal TLS alert: Unknown certificate
Jan 05 08:34:52 srv.domain.local cockpit-ws[878]: couldn’t read from connection: Peer sent fatal TLS alert: Unknown certificate
Jan 05 08:34:52 srv.domain.local cockpit-ws[878]: couldn’t read from connection: Peer sent fatal TLS alert: Unknown certificate
Jan 05 08:34:52 srv.domain.local cockpit-ws[878]: couldn’t read from connection: Peer sent fatal TLS alert: Unknown certificate
Jan 05 08:34:53 srv.domain.local cockpit-ws[878]: couldn’t read from connection: Peer sent fatal TLS alert: Unknown certificate

Help me please to solve the problem.
Thanks!

`

stephdl · January 5, 2022, 1:52pm

What certificate do you use letsencrypt or the selfsigned

Can you ssh to your server

Arthur · January 5, 2022, 3:01pm

Hello,
Server is configured to use letsencrypt ssl. Yes, I can ssh to server.

stephdl · January 5, 2022, 6:34pm

many reasons what it is broken

ssh to the server and check if the service cockpit is running

you can try to recreate the certificate

signal-event certificate-update

else we could go back to the default certificate by cli

Arthur · January 5, 2022, 10:22pm

thank you very much.
signal-event certificate-update was the solution although ssl cert was up to date