Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CE to Plus - Unable to check for updates

    Scheduled Pinned Locked Moved
    Problems Installing or Upgrading pfSense Software
    2
    3
    662
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • bingo600B
      bingo600
      last edited by bingo600

      I had a pfSense Major Crash during the easter vacation.
      Were off-site, and came back today ...
      Suspect power-failure as trigger (prob. cleaning lady) šŸ¤•

      Trying to boot w. HDMI Screen attached , and the Qotom "gave all kind of ZFS errors".

      SWMBO - Wanted to see TV , so i took my Hystou/Protecli and started that one.
      The Hystou was already "quite up2date", as i did the 23.01 upgrade on that one as a "test", before upgrading the Qotom.
      SWMBO happy ==> I'm happy

      Restoring Qotom:
      Well took a 2.6.0 CE , and installed. No biggie , pfSense came up as easy as usual.
      After a while ... maybe 1h or so , I decided to upgrade to 23.01 in GUI.
      Absolutely no issue - Detected the 23.01 immediately , and began to upgrade.

      But then i looked at the console ....
      9ef99e50-fb63-4e95-9889-e1aee8dba355-image.png

      And after a a bit more time the upgrade also "barfed" in the GUI.

      Well i decided NOT to trust that disk anymore, and swapped my "Not so old" - 250G EVO870 Sata SSD - For another Samsung 240GB SSD, but this time a "Server Grade Disk".

      Redid the 2.6.0 CE install , and "Hoped i was the PUNK who feel lucky" ... But no.
      When trying to upgrade to Plus i get the dreaded : Unable to check for updates

      If i try via CLI i get this : "Auth error" & other stuff ...
      1d49a221-6aa4-408b-a07d-6821b12ce91d-image.png

      I'm so glad i had my backup box (Hystou) ready to deploy.
      The most impatient important customer (SWMBO), would not have been happy with 3h+ downtime.

      I have to admit the new install has only been up for 30 min, but what are the parameters for updating from CE to Plus successfully quickly ???

      I would like to understand the pre-reqs of a successful access to the 23.01 upgrade repos, if possible ?

      Do you run some kind of "Allow upgrade" batch job every hour or ?
      My NDI is known , and was used for an upgrade attempt less than an hour before.

      I just checked now - pfSense uptime is 1h , still fails at upgrading to plus

      Edit:
      Thanx for the 2.6.0 to "latest Plus" upgrade possibility šŸ‘

      Edit2:

      I see these too: - Cert errors

      Enter an option: 13

>>> Updating repositories metadata... 
pkg-static: Warning: Major OS version upgrade detected.  Running "pkg bootstrap -f" recommended
Updating pfSense-core repository catalogue...
Could not load client certificate /etc/ssl/pfSense-repo-custom.cert
Could not load client certificate /etc/ssl/pfSense-repo-custom.cert
Could not load client certificate /etc/ssl/pfSense-repo-custom.cert
Could not load client certificate /etc/ssl/pfSense-repo-custom.cert
pkg-static: https://pfsense-plus-pkg01.atx.netgate.com/pfSense_plus-v23_01_amd64-core/meta.txz: Authentication error

      Could this be it ?
      https://forum.netgate.com/post/1058595

      You are trying to upgrade from CE to Plus here?

Did you also just reinstall?

You might need to open a ticket and ask to have your NDI bumped. Or just wait 24hrs. There's a limit to the number of times the server will hand out certificates, you may have exhausted it.

Steve

      @stephenw10
      Since my first install crashed w. a bad hdd , could i have exhausted the Netgate Cert Server ?? - I just failed once šŸ¤•

      TIA
      /Bingo

      If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

      pfSense+ 23.05.1 (ZFS)

      QOTOM-Q355G4 Quad Lan.
      CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
      LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

      R 1 Reply Last reply Reply Quote 0
      • R
        rcoleman-netgate Netgate @bingo600
        last edited by rcoleman-netgate

        @bingo600 said in CE to Plus - Unable to check for updates:

        @stephenw10
        Since my first install crashed w. a bad hdd , could i have exhausted the Netgate Cert Server ?? - I just failed once

        Open a ticket with your NDI and we'll bounce that cert for you (if that is the issue).

        Worth noting the problems you have with your QOTOM matches my own experiences in 2016 with them. I scrapped them all as soon as I could manage it.
        -Ryan

        Ryan
        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
        Requesting firmware for your Netgate device? https://go.netgate.com
        Switching: Mikrotik, Netgear, Extreme
        Wireless: Aruba, Ubiquiti

        bingo600B 1 Reply Last reply Reply Quote 0
        • bingo600B
          bingo600 @rcoleman-netgate
          last edited by bingo600

          @rcoleman-netgate said in CE to Plus - Unable to check for updates:

          @bingo600 said in CE to Plus - Unable to check for updates:

          @stephenw10
          Since my first install crashed w. a bad hdd , could i have exhausted the Netgate Cert Server ?? - I just failed once

          Open a ticket with your NDI and we'll bounce that cert for you (if that is the issue).

          I have just been able to upgrade now.
          So my money is on exhausting the SSL Cert server.

          Why is there such a low limit on the cert server ??

          Worth noting the problems you have with your QOTOM matches my own experiences in 2016 with them. I scrapped them all as soon as I could manage it.

          Well to be fair i think the Qotom is "innocent" , it has been running flawlessly since 2017.

          But I have had ntopng permanently active, and my guess is that it has worn out the SSD disk.
          I should not have used a "consumer" ssd with that amount of logging.
          I have stopped running ntopng permanently active.

          And have changed to a server grade SSD.

          Thank you for the answer Ryan, and offer to contact TAC.

          But this experience worries me a bit, wrt. switching my work boxes to Plus.
          At least until i can buy a "whitebox" subscription, and get access to the Plus image via TAC.

          My next prod boxes will likely be Netgate, but bean counters ......

          /Bingo

          If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

          pfSense+ 23.05.1 (ZFS)

          QOTOM-Q355G4 Quad Lan.
          CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
          LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

          1 Reply Last reply Reply Quote 0
          • First post
            Last post