Revert node certificates to default in Proxmox VE

Last updated Jun 20, 2023

• Linux
• Proxmox
• Virtualization
• Certificates

The purpose of this document is to explain the steps necessary to reset and regenerate the state of the node/host certificates.

This document assumes you have a properly functioning Proxmox cluster with all nodes accessible on the network/via web browser. You’re replaced or modified any of the certificate or key files generated by PVE and now need to revert to the default state.

Delete or move the following files:

1
2
3
4

/etc/pve/pve-root-ca.pem
/etc/pve/priv/pve-root-ca.key
/etc/pve/nodes/<node>/pve-ssl.pem
/etc/pve/nodes/<node>/pve-ssl.key

Note The latter two need to be repeated for all nodes if you have a cluster.

Warning If you do not repeat the latter two on each host, your issue will return.

Afterwards, run the following command on each node of the cluster to re-generate the certificates and keys:

1

pvecm updatecerts -f

• Proxmox VE HTTPS Certificate Configuration