Uploaded image for project: 'Mender'
  1. Mender
  2. MEN-3600

Enterprise onboarding fails with 2.4.0b1-build2

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Done
    • Priority: (None)
    • Resolution: Fixed
    • Affects Version/s: 2.4.0b1
    • Fix Version/s: 2.4.0b1
    • Labels:
    • Backlog:
      no
    • Days in progress:
      0

      Description

      Enterprise onboard fails. The server is up and running and the commands for executing on the target are:

      sudo bash -c 'wget https://d1b0l86ne08fsf.cloudfront.net/2.3.0b1-build2/dist-packages/debian/armhf/mender-client_2.3.0b1-build2-1_armhf.deb && \
      DEBIAN_FRONTEND=noninteractive dpkg -i --force-confdef --force-confold mender-client_2.3.0b1-build2-1_armhf.deb && \
      DEVICE_TYPE="raspberrypi3" && \
      TENANT_TOKEN="...snip..." && \
      mender setup \
        --device-type $DEVICE_TYPE \
      --quiet   --server-url 192.168.7.41 \
          --server-cert=""   --tenant-token $TENANT_TOKEN \
        --retry-poll 30 \
        --update-poll 5 \
        --inventory-poll 5 && \
      systemctl restart mender-client'
      

      This results in:

      mender-client_2.3.0 100%[===================>]   1.83M  5.88MB/s    in 0.3s    
      
      2020-05-27 20:56:21 (5.88 MB/s) - ‘mender-client_2.3.0b1-build2-1_armhf.deb’ saved [1918874/1918874]
      
      Selecting previously unselected package mender-client.
      (Reading database ... 39839 files and directories currently installed.)
      Preparing to unpack mender-client_2.3.0b1-build2-1_armhf.deb ...
      Unpacking mender-client (2.3.0b1-build2-1) ...
      Setting up mender-client (2.3.0b1-build2-1) ...
      
      Configuration file '/etc/mender/artifact_info'
       ==> File on system created by you or by a script.
       ==> File also in package provided by package maintainer.
       ==> Keeping old config file as default.
      WARN[0000] No server URL(s) specified in mender configuration. 
      WARN[0000] Server entry 1 has no associated server URL. 
      Please enter a valid url for the server:
      

      If I use _https://191.168.7.41_ for the server URL, then the command completes but the device never connects.

      From the client logs:

      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=info msg="Mender running on partition: /dev/mmcblk0p2"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=warning msg="IGNORING ERROR: The client server-certificate can not be loaded: (open : no such file or directory). The client will continue running, but may not be able to communicate with the server. If this is not your intention please add a valid server certificate"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=info msg="State transition: init [none] -> init [none]"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=info msg="State transition: init [none] -> idle [Idle]"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=info msg="State transition: idle [Idle] -> authorize-wait [Idle]"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=info msg="State transition: authorize-wait [Idle] -> authorize [Sync]"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=error msg="Failure occurred while executing authorization request: &url.Error{Op:\"Post\", URL:\"https://192.168.7.41/api/devices/v1/authentication/auth_requests\", Err:x509.HostnameError{Certificate:(*x509.Certificate)(0x26fb8c0), Host:\"192.168.7.41\"}}"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=error msg="Authorization request error: x509: cannot validate certificate for 192.168.7.41 because it doesn't contain any IP SANs"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=error msg="Authorize failed: transient error: authorization request failed: generic error occurred while executing authorization request: Post https://192.168.7.41/api/devices/v1/authentication/auth_requests: x509: cannot validate certificate for 192.168.7.41 because it doesn't contain any IP SANs"
      May 27 20:56:53 raspberrypi mender[940]: time="2020-05-27T20:56:53+01:00" level=info msg="State transition: authorize [Sync] -> authorize-wait [Idle]"
      May 27 20:57:23 raspberrypi mender[940]: time="2020-05-27T20:57:23+01:00" level=info msg="State transition: authorize-wait [Idle] -> authorize [Sync]"
      May 27 20:57:23 raspberrypi mender[940]: time="2020-05-27T20:57:23+01:00" level=error msg="Failure occurred while executing authorization request: &url.Error{Op:\"Post\", URL:\"https://192.168.7.41/api/devices/v1/authentication/auth_requests\", Err:x509.HostnameError{Certificate:(*x509.Certificate)(0x26fbb80), Host:\"192.168.7.41\"}}"
      May 27 20:57:23 raspberrypi mender[940]: time="2020-05-27T20:57:23+01:00" level=error msg="Authorization request error: x509: cannot validate certificate for 192.168.7.41 because it doesn't contain any IP SANs"
      May 27 20:57:23 raspberrypi mender[940]: time="2020-05-27T20:57:23+01:00" level=error msg="Authorize failed: transient error: authorization request failed: generic error occurred while executing authorization request: Post https://192.168.7.41/api/devices/v1/authentication/auth_requests: x509: cannot validate certificate for 192.168.7.41 because it doesn't contain any IP SANs"
      May 27 20:57:23 raspberrypi mender[940]: time="2020-05-27T20:57:23+01:00" level=info msg="State transition: authorize [Sync] -> authorize-wait [Idle]"
      

        Attachments

          Activity

            People

            Assignee:
            a10040 Kristian Amlie
            Reporter:
            drewmoseley Drew Moseley
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: