Unable to Import Custom Cert

minmie · February 28, 2026, 2:12am

I still don't quite understand what issue you're encountering. However, if your key is encrypted, it cannot be used. Or perhaps it cannot be used so simply.

mjwaters1985 · February 28, 2026, 2:37am

If by “encrypted” you mean the key has a password, it doesn’t. Also, as I pointed out, there was no issue configuring this exact cert and key via the KVM’s terminal. I’d love to help with additional troubleshooting, but the error the web GUI throws is basically useless and, unless you can point me to some other logging, I don’t know how else I can help you dig into this.

minmie · February 28, 2026, 3:55am

run command logread -f and upload your cert , you will see error log

mjwaters1985 · February 28, 2026, 9:29pm

@minmie There was nothing related in the log output, but I did find this in the Chrome dev tools when trying to upload:

vendor-axios-DMXdiZgf.js:1  POST https://[REDACTED]/api/system/ssl_cert 413 (Content Too Large)
(anonymous) @ vendor-axios-DMXdiZgf.js:1
xhr @ vendor-axios-DMXdiZgf.js:1
Qe @ vendor-axios-DMXdiZgf.js:1
Promise.then
_request @ vendor-axios-DMXdiZgf.js:1
request @ vendor-axios-DMXdiZgf.js:1
(anonymous) @ vendor-axios-DMXdiZgf.js:1
(anonymous) @ vendor-axios-DMXdiZgf.js:1
(anonymous) @ main-BMKoVWO4.js:22
setTlsCert @ index-J2KwmNk2.js:2
handleApply @ kvmPlayer-B_dP6bvh.js:1
await in handleApply
M @ kvmPlayer-B_dP6bvh.js:1
c @ main-BMKoVWO4.js:22
Vt @ vendor-Db3x8u3o.js:18
Ht @ vendor-Db3x8u3o.js:18
vo @ vendor-Db3x8u3o.js:19
N @ vendor-antd-Dp_rkhsE.js:1
Vt @ vendor-Db3x8u3o.js:18
Ht @ vendor-Db3x8u3o.js:18
n @ vendor-Db3x8u3o.js:24

It looks like the Comet’s Nginx server is rejecting the POST with a 413 error. From what I can find, it should be possible to fix this by setting an appropriate value for client_max_body_size in /etc/nginx/nginx.conf, but that attribute isn’t even present in that configuration file.

minmie · March 2, 2026, 1:52am

modify `/etc/kvmd/nginx-kvmd.conf`

I already set it to 8k or 16k in the test firmware

mjwaters1985 · March 2, 2026, 7:38pm

I set client_max_body_size in /etc/kvmd/nginx-kvmd.conf to 16k and was able to upload my cert successfully via the web GUI. Can you include nano in future builds? I’m honestly incompetent with vi/vim - nano is much easier for casual users.

matta · March 3, 2026, 2:06am

Pico is another alternative similar to nano, for additional options. Yeah maybe it reflects poorly on my limited Linux/Unix skills to be afraid of vi/vim, but I gotta agree with @mjwaters1985 here

matta · March 3, 2026, 2:15am

I have no idea why, but I have been using an RM1PE, which is currently on V 1.8.0 Release 1, and it just suddenly accepted the exact same cert/key pair, without any changes, when it hadn’t before. I was just suddenly able to upload via the UI, when I wasn’t before.

I now have a separate concern where it seems that the device was only sending part of the cert chain (the leaf and intermediate CA), and NOT the root CA. I’m doing more testing to confirm if that’s a user issue on my end or a legitimate concern, however I’ll start a new Forum thread if that’s the case.

minmie · March 3, 2026, 2:54am

We’ll fix this issue in 1.8.1 release.