I recently had a boot drive failure. After reinstalling TrueNAS Scale and restoring the automatic backups in /var/db/system, I have not been able to access the Web UI.
The network is fine. I can connect to the apps running on the server - just not the Web UI itself. After reading through the forums, I have found that the nginx service is failing to start.
It looks like the certificate isn’t found. I’m not sure how to fix this.
The error I see is:
[emerg] 27846#27846: cannot load certificate key "/etc/certificates/truenas_default.key": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling:fopen(/etc/certificates/truenas_default.key, r) error:10000080:BIO routines::no such file)
ETA:
In the /etc/certificates directory there’s one file truenas_default.crt (which I assume is the public key) and a sub-directory CA which is empty. I’m guessing the default automatic backups that I restored do not include the automatically generated private key?
I also have this same issue. I had my happy system become less than happy. I am running 25.10-BETA.1 - Goldeye. I had a power surge, my grub config would not boot. I grabbed a new SSD, installed fresh and restored my previous system to the new install because the grub tools could not be restored from an Ubuntu live disk. After installing I am seeing the EXACT same thing. I cannot recreate the locally signed certificate from either the UI OR what perplexity suggests. (ton of midctl and manual certificate creation).
I think this is a pretty serious thing… backups will fail to restore for anyone. Services are up… SSH works fine. Data is there, containers boot. Web GUI shows the connection is refused. Nginx fails to load. No matter what I do. I’m not really sure how this release made it out the door if restores fail this badly.
Is there anything that can be done to fix this permanently? I’m copying the key and crt files every time back into position, resetting permissions
root@truenas[~]# ls -l /etc/certificates/freenas_default.crt /etc/certificates/freenas_default.key
systemctl status nginx
ls: cannot access ‘/etc/certificates/freenas_default.key’: No such file or directory
-rw-r–r-- 1 root root 1333 Sep 18 11:37 /etc/certificates/freenas_default.crt
× nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; preset: enabled)
Active: failed (Result: exit-code) since Thu 2025-09-18 11:36:41 CDT; 36s ago
Docs: man:nginx(8)
CPU: 18ms
Sep 18 11:36:41 truenas systemd[1]: Starting nginx.service - A high performance web server and a reverse proxy server…
Sep 18 11:36:41 truenas nginx[3564]: 2025/09/18 11:36:41 [emerg] 3564#3564: cannot load certificate key “/etc/certificates/freenas_default.key”: BIO_new_f>
Sep 18 11:36:41 truenas nginx[3564]: nginx: configuration file /etc/nginx/nginx.conf test failed
Sep 18 11:36:41 truenas systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Sep 18 11:36:41 truenas systemd[1]: nginx.service: Failed with result ‘exit-code’.
Sep 18 11:36:41 truenas systemd[1]: Failed to start nginx.service - A high performance web server and a reverse proxy server.
root@truenas[~]# cd /root/temp-certs
root@truenas[~/temp-certs]# chown root:root /etc/certificates/freenas_default.*
chmod 644 /etc/certificates/freenas_default.crt
chmod 600 /etc/certificates/freenas_default.key
root@truenas[~/temp-certs]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
root@truenas[~/temp-certs]# systemctl restart nginx
root@truenas[~/temp-certs]#
