How do I bind a certificate to web UI?

TrueNAS-13.0-U6.2

Going through some cert renewals in the homelab.

I went through creating the new certificate + private key and then importing those into TrueNAS core. That appeared to go through fine.

I opened a fresh browser window (private browsing) pointed at the NAS and it still used the old/previous certificate. Rebooted the NAS as a quick troubleshoot, that made no difference - still using the previous cert.

I try to then delete the previous certificate and I get this:

Error: Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/middlewared/job.py", line 355, in run
    await self.future
  File "/usr/local/lib/python3.9/site-packages/middlewared/job.py", line 393, in __run_body
    rv = await self.middleware.run_in_thread(self.method, *([self] + args))
  File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1159, in run_in_thread
    return await self.run_in_executor(self.thread_pool_executor, method, *args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1156, in run_in_executor
    return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs))
  File "/usr/local/lib/python3.9/concurrent/futures/thread.py", line 58, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/usr/local/lib/python3.9/site-packages/middlewared/schema.py", line 985, in nf
    return f(*args, **kwargs)
  File "/usr/local/lib/python3.9/site-packages/middlewared/plugins/crypto.py", line 2150, in do_delete
    self.middleware.call_sync('certificate.check_dependencies', id)
  File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1299, in call_sync
    return self.run_coroutine(methodobj(*prepared_call.args))
  File "/usr/local/lib/python3.9/site-packages/middlewared/main.py", line 1339, in run_coroutine
    return fut.result()
  File "/usr/local/lib/python3.9/concurrent/futures/_base.py", line 439, in result
    return self.__get_result()
  File "/usr/local/lib/python3.9/concurrent/futures/_base.py", line 391, in __get_result
    raise self._exception
  File "/usr/local/lib/python3.9/site-packages/middlewared/service.py", line 624, in check_dependencies
    raise CallError('This object is being used by other objects', errno.EBUSY,
middlewared.service_exception.CallError: [EBUSY] This object is being used by other objects

So…how am I supposed to bind the new/desired certificate to services so that I can clean up the previous certificate? I took a quick look at the docs and it didn’t jump out at me.

System settings, General, set the certificate there. Or use my script to automate the process:

1 Like