Issue with connecting client to 2.4 production mender server

Hi i had issue with certificate authentication with my DART 6-UL device and i could not solve this. So i tried to connect a client on another machine to mender production server 2.4. I follow this link https://docs.mender.io/2.4/client-configuration/installing#install-mender-provided-debian-package to set up mender-client. I wrote my own server address where necessary in the configuration files.

This time i have different error.

I would gladly accept if you have an idea or want to give advice.

Best regards.

I suspect you still have a certificate verification issue. How did you setup the server? Where did you obtain the certificate?

Drew

Thank you for response,

I followed https://docs.mender.io/2.4/administration/production-installation documentation. Certificate is generated with keygen in this doc.

ayvat

I might be worth verifying the certificate of the web server.

In the past i have used openssl s_client on the client device to verify the certificate chain of trust of the webserver to make sure your everything you need is installed on your client device. You might need the ca-certificates recipe installed on your client device if the verification highlights a problem. For me as my It department is a cert-authority I needed to add their cert to the trust chain on my device.

Hi again
I had different issues last 4 days and today finally i can focus on the mender again. Thanks for the replies. Today i remove mender production server and surprisingly mender-client still getting response from the server. It did not make sense to me. Although the server is not installed (I cannot access the interface with ip) I still get an invalid character error from the server.

Can anyone give an idea about the reason for this?

In addition, I share the etc/hosts configs of the devices I work with because it seems to me that there is something wrong. Maybe the error I got could be related to this. I could not find the required etc/hosts configurations. I would be very happy if you could give the relevant link.

server machine etc/hosts (ip: 90)
90

yocto (dart6-ul) original edge client etc/hosts (ip: 84)
board

test mender client etc/hosts (ip: 91)
91

You only need /etc/hosts modifications if you do not have a DNS entry setup for your server. The normal use case is that you use DNS to resolve the name and not rely on /etc/hosts.

If you don’t have DNS resolution then you need to add entries in your /etc/hosts file for both the API gateway and the Storage proxy. With the demo server these are set to docker.mender.io and s3.docker.mender.io but with the production server, it’s based on your setup. Specifically the values you provided when you created the certificates.

As for the error on connecting, it seems that something is responding on port 443 on whatever you have specified as the Mender Server. I ran a local check and get a connection timeout rather than the error you are seeing.

Drew