remote error: tls: unknown certificate authority



  • I'm trying to set up pufferd to use ssl with LetsEncrypt:

    I've copied:
    /etc/letsencrypt/live/example.com/cert.pem to /etc/pufferd/https.pem
    /etc/letsencrypt/live/example.com/privkey.pem to /etc/pufferd/https.key

    I also changed the pufferd's config to have the authserver and infoserver to use https instead of http

    When trying to use a game server's console on PufferPanel,
    the error "Unable to connect to web socket server, will attempt to use timed refresh" appears.

    Running service pufferd status shows:
    Mar 17 12:35:07 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59117: remote error: tls: unknown certificate authority
    Mar 17 12:35:07 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59118: tls: first record does not look like a TLS handshake
    Mar 17 12:35:07 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59119: tls: first record does not look like a TLS handshake
    Mar 17 12:35:07 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59120: remote error: tls: unknown certificate authority
    Mar 17 12:35:07 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59121: tls: first record does not look like a TLS handshake
    Mar 17 12:35:07 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59122: tls: first record does not look like a TLS handshake
    Mar 17 12:35:08 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59123: remote error: tls: unknown certificate authority
    Mar 17 12:35:08 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59124: tls: first record does not look like a TLS handshake
    Mar 17 12:35:08 example.com pufferd[1542]: http: TLS handshake error from 127.0.0.1:59125: tls: first record does not look like a TLS handshake



  • "remote error: tls: unknown certificate authority"

    This indicates the certificate is bad and/or you have pufferd installed locally, and changed the URL to not be example.com



  • @LordRalex
    Yeah, I have it installed locally
    I've tried it without https, but the panel displays "Unable to connect to web socket server, will attempt to use timed refresh" so I tried to use https to see if it'd work, which it did not



  • @Nystrata said in remote error: tls: unknown certificate authority:

    @LordRalex
    Yeah, I have it installed locally
    I've tried it without https, but the panel displays "Unable to connect to web socket server, will attempt to use timed refresh" so I tried to use https to see if it'd work, which it did not

    How would I get LetsEncrypt to work between PufferPanel and pufferd installed locally?
    At the moment, when I try to use the PufferPanel console, I get a ""Unable to connect to web socket server, will attempt to use timed refresh" appears." and the console refreshes incredibly slow.
    On Chrome, it tells me that the site is trying to load unsafe scripts. If I allow it to load those scripts, the error goes away and the console works pretty snappily.

    EDIT: Ralex's answer combined with https://community.pufferpanel.com/topic/574/i-can-t-communicate-with-the-daemon-pufferd-when-using-https


Log in to reply
 

Looks like your connection to PufferPanel Community was lost, please wait while we try to reconnect.