Still x509 error while executing authorization request

General Discussions
1

Hi.

I am trying to connect my device to the hosted.mender.io server without a full Mender integration. For this purpose, I compiled the mender client for my architecture and followed the steps here. However, I always get the x509 authorization error:

mender_daemon
mender_daemon1450×276 55.1 KB

My /etc/mender/mender.conf looks like this:

{
   "IntervalSeconds": 5,
   "RetryPollIntervalSeconds": 30,
   "ServerURL": "https://hosted.mender.io/",
   "TenantToken": " MY TOKEN ",
   "UpdatePollIntervalSeconds": 5
 }

I tried it without any server.crt at /etc/mender and created one on my own using:

CERT_API_CERT_API_CN=hosted.mender.io CERT_STORAGE_CN=hosted.mender.io ./keygen

with the integration repository and copied that file on my device.

What are the final steps to authorities my device?

2

As you are using https://hosted.mender.io, as far as I am aware you shouldn’t need to provide the Server.crt as its using the real online mender cert. What you may not have your end is the full certificate authority chain installed on your device. This is usually satisfied by installing the ca-certificates package/recipe depending on if you are doing a Yocto build or some other Linux distro build.

3

A missing ca-certificates package was also my best guess, but the functionality along with OpenSSL implementation is fully available.
However, I noticed that my certificates were not available at the default location /usr/local/ssl. Switching to that directory made it working for me.
Anyway, thanks @dellgreen! :sunny:

1 Like