Certificate has expired

Hello Supporter,
hopefully someone can help me with this failure which happened since yesterday. If I want to login in the web base setting I get the followed message:

“Interner Server-Fehler: Der Dienst ist momentan nicht erreichbar!
Konnte nicht zum LDAP-Dienst verbinden.
Fehlermeldung: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed (certificate has expired)”

Is there an easy way how I can renew this certificate. Keep in mind that sending and recieving of mail isnt also possible :frowning:

thx for some help!

Hello!

I just had that same exact issue. The solution I used was to launch a browser (in my case, Microsoft Edge) which is insecure/ignores Certificate validation and then update your certificate via the Management console.

Also, if you use the Univention LetsEncrypt app, you can update your other servers’ certificates from a single host if it has a valid cert.

Hello Rudi,
thx for your feedback! I think we havent realy the same topic because I cant enter if I ignor this meassage by press ok. I cant enter to management consol. this toipc came up because I count recive and send mails. therfore I want to log in the managment consol. The server certivicate needs to be updated but how?! This is the meassage which i get. Hopefully you can give me more details how you fixed this:
image

Renew your certificates How-to: Extend the end date of the UCS CA root certificate

Renewing the certificates is the right thing to do, but you linked the How-To on extending the CA certificate. :wink:
The right article is this one: Renewing the complete SSL certificate chain

Best regards
Jan-Luca

Thx a lot for the workaround! I create based on a new privat certificat and that works but now I stick to get “DC Slave Hosts”. With which comand can shown this information? I dont know, sorry.

chgrp “DC Slave Hosts” CAcert.pem

Ooops. To early in the morning. Thanks

I couldn’t either, unless I used a less-secure browser like Microsoft Edge which allowed me to ignore the expired certificate. I’m not sure which browser you’re using in your screenshots, however I explained in my first post why Edge was my solution :slight_smile: