timthedevguy Posted October 1, 2022 Share Posted October 1, 2022 (edited) Greetings, I recently upgraded my UNRAID from 6.9.2 to 6.11.0 and upon booting I cannot access the WebUI. Shares are not started either, but one problem at a time. Did some searching and such and found where sometimes the emhttp doesn't start so I checked the go file, attempted (even though forum said don't) to run it manually and was informed its already running. Rebooted and performed a diagnostics and checked out those files. I did have SSL on my 6.9.2 and found this line in 'syslog.txt' Sep 30 18:50:38 tower root: nginx: [emerg] cannot load certificate key "/boot/config/ssl/certs/tower_unraid_bundle.pem": PEM_read_bio_PrivateKey() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: ANY PRIVATE KEY) Am I correct in thinking that could be the culprit? How can I reset the system to use HTTP and no SSL certificates from the CLI? I'll attach my diagnostics just in case it could be something else. Any help/advice is very much appreciated. tower-diagnostics-20221001-1019.zip Edited October 7, 2022 by timthedevguy Quote Link to comment
trurl Posted October 1, 2022 Share Posted October 1, 2022 On mobile now so can't look at Diagnostics yet https://wiki.unraid.net/Manual/Security#How_would_you_like_to_access_the_Unraid_webGui_while_on_your_LAN.3F Quote Link to comment
timthedevguy Posted October 1, 2022 Author Share Posted October 1, 2022 Thanks trurl, I read that but kept missing the use_ssl command, finally saw it and just ran use_ssl no and rebooted, still can't access the WebUI so I'm guessing the problem is bigger than the cert. No rush on the diag, when you get time it would be appreciated. Quote Link to comment
trurl Posted October 1, 2022 Share Posted October 1, 2022 Do you have an attached monitor and keyboard? Quote Link to comment
timthedevguy Posted October 1, 2022 Author Share Posted October 1, 2022 Yes, it's sitting at the login prompt currently. Quote Link to comment
trurl Posted October 1, 2022 Share Posted October 1, 2022 Can you ping the server on the network? Quote Link to comment
timthedevguy Posted October 1, 2022 Author Share Posted October 1, 2022 Yep, I can even connect to it via SSH. I did at at some point change the HTTP port from 80 to 8888 because I run a caddy docker container to act as a proxy to other docker containers on the box. Quote Link to comment
JorgeB Posted October 2, 2022 Share Posted October 2, 2022 Edit /config/ident.cfg on the flash drive and change USE_SSL from "yes" or "auto" to "no", then reboot, if after that you can get into the GUI you can then reconfigure SSL. Quote Link to comment
timthedevguy Posted October 2, 2022 Author Share Posted October 2, 2022 (edited) Thanks JorgeB, that did not fix it Just to clarify, my original post combined with newer responses may confuse folks. WebGUI HTTPS: Not working WebGUI HTTP: Not working SSH: Working PING: Working Console: Working Shares: Not working Docker: Not working When I was working on 6.9.2 I added a cert from my own internal PKI and changed the HTTP port from 80 to 8888 I have no qualms with downgrading if we think that would help. Edited October 2, 2022 by timthedevguy Quote Link to comment
JorgeB Posted October 3, 2022 Share Posted October 3, 2022 Since array auto start is disabled the array is stopped so it's normal for the shares and docker not to work, did you try accessing the GUI using the IP address? P.S.: LAN cable is connected to eth1, not eth0, while not technically a problem with the default bound you should always use eth0 to avoid future issues. Quote Link to comment
timthedevguy Posted October 3, 2022 Author Share Posted October 3, 2022 I have tried via the IP, no luck. Ah, I can change that, it has two stacked, I always just use the top one. But can be changed no issues. Should I attempt to change the http port back to 80 and reboot? Quote Link to comment
trurl Posted October 4, 2022 Share Posted October 4, 2022 On 10/1/2022 at 5:08 PM, timthedevguy said: change the HTTP port from 80 to 8888 because I run a caddy docker The best way is to map the host port on the container and leave the Unraid webUI port alone. Quote Link to comment
timthedevguy Posted October 5, 2022 Author Share Posted October 5, 2022 Yeah, had to have a proxy server on port 80 though for my purposes and couldn't because UNRAID was using it, but....it looks like there are no good ideas on how to solve this. Thank you to all for the ideas and help. So instead, how can I either go back to 6.9.2 or get a working 6.11.0? Do I run the usb installer and copy over some config files or am I hosed completely? Quote Link to comment
Solution timthedevguy Posted October 7, 2022 Author Solution Share Posted October 7, 2022 (edited) I finally figured it out, had lots of time in the ER yesterday to think lol. What I did. Reviewed syslog from diagnostics, found the nginx was still complaining about the SSL certificate, I verified SSL was set to no in ident.cfg, changed http port back to 80 and then renamed the /boot/config/ssl/certs folder to certs_old. I then ran '/etc/rc.d/rc.nginx start' and now I have access to the UI. Rebooted and verified access is still ok. As a last tidbit, I regenerated my SSL certs from my internal AD CA and have had no issues. Thanks again for all the help folks! Edited October 7, 2022 by timthedevguy 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.