0

I'm receiving this error message when trying to deploy a VM using a local ubuntu ISO stored in a local datastore on the bare metal host.

proxmox_vm_qemu.terra-vm1[0]: Creating... ╷ │ Error: error creating VM: 596 tls_process_server_certificate: certificate verify failed, error status: (params: map[agent:1 args: bios:seabios boot: bootdisk:scsi0 cores:2 cpu:host description: hotplug:network,disk,usb ide2:local:iso/ubuntu-20.04.4-live-server-amd64.iso,media=cdrom kvm:true machine: memory:2048 name:terra-vm1 net0:virtio=82:07:15:10:C4:4E,bridge=vmbr0 numa:false onboot:false ostype: scsi0:local-lvm-ssd-thin:10 scsihw:virtio-scsi-pci sockets:1 startup: tablet:true tags: vmid:104]) │ │ with proxmox_vm_qemu.terra-vm1[0], │ on main.tf line 21, in resource "proxmox_vm_qemu" "terra-vm1": │ 21: resource "proxmox_vm_qemu" "terra-vm1" {

This is my main.tf. I've tried with a token ID, with username and pw, tls_insecure true and false. Same result.

provider "proxmox" {
pm_api_url = "https://myserverIP:8006/api2/json"
#pm_user = "terraform-prov@pve"
#pm_password = "super_secure_password"
# pm_api_token_id = "root@pam!terra-test"
pm_api_token_id = "terraform-prov@pve!vmCreation"
pm_api_token_secret = "8f2408d0-3ffe-4759-832e-345659a0c2a7"
pm_tls_insecure = true
pm_debug = true
}

resource "proxmox_vm_qemu" "terra-vm1" {
count = 1
name = "terra-vm1"

target_node = "proxmoxlab.orlcoelab.com"

iso = "local:iso/ubuntu-20.04.4-live-server-amd64.iso"

agent = 1
memory = 2048
sockets = 1
cores = 2
cpu = "host"
scsihw = "virtio-scsi-pci"
os_type = "ubuntu"
bootdisk = "scsi0"

disk {
slot = 0
size = "10G"
type = "scsi"
storage = "local-lvm-ssd-thin"
}

network {
model = "virtio"
bridge = "vmbr0"
}
}
ark-tech
  • 1

1 Answers1

-1

You might attempt the following steps to solve the problem:

Check the certification: Verify the validity and trustworthiness of the TLS certificate being used. Verify that the certificate is valid and correctly setup.

To verify the certificate, make sure the Proxmox server has reliable network access to the certificate authority (CA). Additionally, confirm that the Proxmox server has access to any necessary intermediate certificates and, if necessary, certificate revocation lists (CRLs).

Make sure the Proxmox server can resolve the domain name linked to the TLS certificate by checking DNS resolution. DNS difficulties could result in certificate verification failures.

Verify the system time on the Proxmox server to make sure it is accurate. Failures in certificate verification might be brought on by incorrect time settings.

Disable TLS certificate verification for a while to see if it fixes the problem (not advised): If you're in a development or testing environment, you can try temporarily disabling TLS certificate verification. However, for security purposes, it's essential to allow certificate verification in production systems.

hope this will works for you.

Ankitkumar Parekh
  • 1
  • 1
  • No certs installed. No DNS. I've set the pm_tls_insecure = true to false and still get the same error. – ark-tech May 23 '23 at 15:21