Hi all,
I’ve installed the Mender demo server on my own on a host and the client (dunfell branch, based on Yocto) on a Beaglebone Black board, both conntected to my local network and want to test the device binding.
In my LAN, there’s no way to run a domain name server (I’m not the admin ^^).
I have two questions:
One option is to temporarily add the domain and IP address to the local lookup system of the device/pc that wants to contact the server.
So on Linux that would your /etc/hosts file
Then you can contact the server using the domain name embedding in your certificate.
The entry in the /etc/hosts file doesn’t work. But I’ll test it again.
Client’s log:
Failure occurred while executing authorization request: &url.Error{Op:\"Post\", URL:\"https://myserver/api/devices/v1/authentication/auth_requests\", Err:(*net.OpError)(0x85a870)}
Authorization request error: dial tcp 192.168.50.32:443: connect: connection refused
Authorize failed: transient error: authorization request failed: generic error occurred while executing authorization request: Post \"https://myserver/api/device
Sorry, can’t fit all the message lines.
to my eyes it looks like it cannot open port 443 on 192.168.50.32.
can you telnet to that address and port to confirm that you can open a socket on that port?
telnet 192.168.50.32 443
you should get the following to indicate that you have opened a socket successfully
Trying 192.168.50.32...
Connected to 192.168.50.32.
Escape character is '^]'Yes, it works.
Oh sorry, I forgot to run “./demo up” on the server. Now there are other logs. Just a sec…
you may be able to get more insight into the underlying issue by doing
cat /var/log/kern.log | grep mender
see discussion here: Mender client testing on solidrun with Mender demo server
“kern.log” doesn’t exist, but “messages”.
The logs:
Sep 14 11:31:57 beaglebone-yocto user.err mender[171]: time="2020-09-14T11:31:57+02:00" level=error msg="Failure occurred while executing authorization request: &url.Error{Op:\"Post\", URL:\"https://myserver/api/devices/v1/authentication/auth_requests\", Err:x509.HostnameError
Sep 14 11:31:57 beaglebone-yocto user.err mender[171]: time="2020-09-14T11:31:57+02:00" level=error msg="Authorization request error: x509: certificate is valid for docker.mender.io, not myserver"
Sep 14 11:31:57 beaglebone-yocto user.err mender[171]: time="2020-09-14T11:31:57+02:00" level=error msg="Authorize failed: transient error: authorization request failed: generic error occurred while executing authorization request: Post \"https://myserver/api/devices/v1/authen
the backend looks like its not configured with your own certificate and is expecting to be contacted on docker.mender.io domain and failing the domain name check.
Just like in the link i mentioned above. Double check the process for whether you are using demo setup or production setup.
you could just use docker.mender.io domain instead of myserver in you hosts file and mender config for the time being if its just a test.
It is the demo mode, https://192.168.50.32/ui/#/ told me. I’ll create a new certificate for “myserver”…
I ran
CERT_API_CN=myserver CERT_STORAGE_CN=myserver ./keygen
in Mender’s root directory and restarted the server with
./demo up
The messages on the client are the same as before. How can I tell the server to use “myserver” instead of “docker.mender.io”?
by adding your own certificate I believe you are now crossing over into the production-ready configuration of the mender server and would need to most likely follow these instructions.
if you still want to use in demo mode then below are instructions for that.
