Post · bonfire.cafe

@thibaultamartin@mamot.fr · 10 hours ago

I might have found a bug in Proxmox, but I somehow doubt I'm the first person to stumble upon it.

TLDR: Proxmox generates a self-signed certificate that I want my laptop to trust, but it looks like the CA cert is missing a crucial key usage extension.

Have you already stumbled upon it? Am I holding it wrong?

https://forum.proxmox.com/threads/the-root-ca-seems-doesnt-contain-the-key-usage-extension.169961/

#selfHosting #proxmox #homelab

Lars

@koyax@troet.cafe replied · 8 hours ago

@thibaultamartin Not sure if it is really a bug. It's called "self singed certificate" because it signs itself without a ca.
Maybe use acme to create a let's encrypt one 🤓.

Thib

@thibaultamartin@mamot.fr replied · 7 hours ago

@koyax The CA cert Proxmox generates is missing a keyUsage property, which means libraries won't trust it even after adding it to my trust store :)

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.2.8 no JS en

Automatic federation enabled