Server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

Bij het proberen te updaten van Proxmox 5 (Debian 8 gebasseerd) geeft deze de volgende foutmelding:
Server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

Dit komt omdat het root certificaat van Letsencrypt verlopen is op 30 september 2021.

De oplossing hiervoor is als volgt:

  1. Open (bijvoorbeeld met nano) /etc/ca-certificates.conf en zet een ! voor /mozilla/DST_Root_CA_X3.crt
  2. update ca-certificates met update-ca-certificates

Bovenstaande werkt alleen mits ca-certificates geinstalleerd staat en /usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt in /etc/ca-certificates.conf zit.

Moving directory to another partition (part 1)

Due to the fact that the primaire virtual disk (containing the Debian OS and currently the /var) of one of our customers servers is on a SSD pool and almost reaching its capacity (>75%) we need to add a second virtual disk and move the /var folder (HDD space costs less and is fast enough to serve websites and email).

First we started with creating the new virtual disk and adding it to the VM.
Secondly we partitioned it:
1. Use “fdisk -l” to get the disk name (in our case vdb)
2. cfdisk /dev/<diskname>
3. Select new
4. Press enter at the “Specify size in MB” to use the whole disk.
5. “mkfs.ext4 /dev/<diskname>”
6. “mkdir /var2”
7. Get the UUID of the disk with the command “blkid”.
8. “echo “UUID=<UUID> /var2 ext4 errors=remount-ro 0 1″ >> /etc/fstab”

Next we can copy the data from /var to /var2 (we use rsync to preserve permissions).
We are currently running the following command to make a first copy:
“rsync -av /var/ /var2”

The next step would be stopping all services (apache, mysql, dovecot etc.) but we will continue on this after the data has been copied (which will take a full night).