[GH-ISSUE #624] api domain certificate x509 error! #400

New issue

Closed

opened 2026-03-02 02:16:04 +03:00 by kerem · 7 comments

kerem commented 2026-03-02 02:16:04 +03:00

Owner

Copy link

Originally created by @magicshow1 on GitHub (Jul 7, 2021).
Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/624

Server Info (please complete the following information):

• OS: [Ubuntu 20.04]
• Browser: [chrome]
• RMM Version (as shown in top left of web UI):

Installation Method:

• [ x] Standard
• Docker

Agent Info (please complete the following information):

• Agent version (as shown in the 'Summary' tab of the agent from web UI):
• Agent OS: [e.g. Win 10 v2004, Server 2012 R2]

Describe the bug
A clear and concise description of what the bug is.

Originally created by @magicshow1 on GitHub (Jul 7, 2021). Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/624 **Server Info (please complete the following information):** - OS: [Ubuntu 20.04] - Browser: [chrome] - RMM Version (as shown in top left of web UI): **Installation Method:** - [ x] Standard - [ ] Docker **Agent Info (please complete the following information):** - Agent version (as shown in the 'Summary' tab of the agent from web UI): - Agent OS: [e.g. Win 10 v2004, Server 2012 R2] **Describe the bug** A clear and concise description of what the bug is. 

kerem closed this issue 2026-03-02 02:16:05 +03:00

kerem commented 2026-03-02 02:16:05 +03:00

Author

Owner

Copy link

@magicshow1 commented on GitHub (Jul 7, 2021):

/rmm/api/tacticalrmm/tacticalrmm/local_settings.py

CERT_FILE = "/path/to/your/fullchain.pem"
KEY_FILE = "/path/to/your/privkey.pem"

It still fails after configuration and restart...

<!-- gh-comment-id:875381293 --> @magicshow1 commented on GitHub (Jul 7, 2021): /rmm/api/tacticalrmm/tacticalrmm/local_settings.py CERT_FILE = "/path/to/your/fullchain.pem" KEY_FILE = "/path/to/your/privkey.pem" It still fails after configuration and restart...

kerem commented 2026-03-02 02:16:05 +03:00

Author

Owner

Copy link

@wh1te909 commented on GitHub (Jul 7, 2021):

where did you purchase the cert from and is it wildcard?

<!-- gh-comment-id:875382882 --> @wh1te909 commented on GitHub (Jul 7, 2021): where did you purchase the cert from and is it wildcard?

kerem commented 2026-03-02 02:16:05 +03:00

Author

Owner

Copy link

@wh1te909 commented on GitHub (Jul 7, 2021):

paste nginx configs also

<!-- gh-comment-id:875385601 --> @wh1te909 commented on GitHub (Jul 7, 2021): paste nginx configs also

kerem commented 2026-03-02 02:16:06 +03:00

Author

Owner

Copy link

@magicshow1 commented on GitHub (Jul 7, 2021):

nats wildcard, all are default

<!-- gh-comment-id:875396356 --> @magicshow1 commented on GitHub (Jul 7, 2021): nats wildcard, all are default

kerem commented 2026-03-02 02:16:06 +03:00

Author

Owner

Copy link

@magicshow1 commented on GitHub (Jul 7, 2021):

how can I solve this problem....

<!-- gh-comment-id:875504596 --> @magicshow1 commented on GitHub (Jul 7, 2021): how can I solve this problem....

kerem commented 2026-03-02 02:16:06 +03:00

Author

Owner

Copy link

@silversword411 commented on GitHub (Jul 7, 2021):

Your screenshot shows that the DNS names aren't matching (1st doesn't match 2nd), am I missing something?

If the dns names actually match, is the cert chain unbroken when you view it?

<!-- gh-comment-id:875673735 --> @silversword411 commented on GitHub (Jul 7, 2021): Your screenshot shows that the DNS names aren't matching (1st doesn't match 2nd), am I missing something? If the dns names actually match, is the cert chain unbroken when you view it?

kerem commented 2026-03-02 02:16:06 +03:00

Author

Owner

Copy link

@wh1te909 commented on GitHub (Jul 7, 2021):

nats wildcard, all are default

nats doesn't sell SSL certs lol. if you are using self signed cert then that definitely is not supported and will fail.

and if you are using a purchased ssl cert (not self signed) you'll need to update the nginx configs as well to point to the certs. the default nginx config generated by the install script uses the letsencrypt path. as @silversword411 said, read the error message it should give you a hint.

anyway at this time we don't really support using custom certs. you're welcome to do so if you know what you're doing but there is no official support until we get docs up for it so i'm closing this

<!-- gh-comment-id:875701902 --> @wh1te909 commented on GitHub (Jul 7, 2021): > nats wildcard, all are default nats doesn't sell SSL certs lol. if you are using self signed cert then that definitely is not supported and will fail. and if you are using a purchased ssl cert (not self signed) you'll need to update the nginx configs as well to point to the certs. the default nginx config generated by the install script uses the letsencrypt path. as @silversword411 said, read the error message it should give you a hint. anyway at this time we don't really support using custom certs. you're welcome to do so if you know what you're doing but there is no official support until we get docs up for it so i'm closing this

kerem referenced this issue 2026-03-14 02:56:06 +03:00

[GH-ISSUE #400] Feature request: Rights management by groups (users or customers) #2188

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

master

1.0.0

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.20.1

v0.20.0

v0.19.4

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.2

v0.18.1

v0.18.0

v0.17.5

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.5

v0.16.4

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.12

v0.15.11

v0.15.10

v0.15.9

v0.15.8

v0.15.7

v0.15.6

v0.15.5

v0.15.4

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.8

v0.14.7

v0.14.6

v0.14.5

v0.14.4

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.4

v0.13.3

v0.13.2

v0.13.1

v0.13.0

v0.12.4

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.11.3

v0.11.2

v0.11.1

v0.11.0

v0.10.5

v0.10.4

v0.10.3

v0.10.2

v0.10.1

v0.10.0

v0.9.2

v0.9.1

v0.9.0

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.32

v0.4.31

v0.4.30

v0.4.29

v0.4.28

v0.4.27

v0.4.26

v0.4.25

v0.4.24

v0.4.23

v0.4.22

v0.4.21

v0.4.20

v0.4.19

v0.4.18

v0.4.17

v0.4.16

v0.4.15

v0.4.14

v0.4.13

v0.4.12

v0.4.11

v0.4.10

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.8

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels   

In Process

  

bug

  

bug

  

dev-triage

  

documentation

  

duplicate

  

enhancement

  

fixed

  

good first issue

  

help wanted

  

integration

  

invalid

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

requires agent update

  

security

  

ui tweak

  

wontfix

No labels

In Process

bug

bug

dev-triage

documentation

duplicate

enhancement

fixed

good first issue

help wanted

integration

invalid

pull-request

question

requires agent update

security

ui tweak

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/tacticalrmm#400

No description provided.