Hello All,
Trying to create a discovery server. Clients do not like the self signed cert. Keep getting “connection reset by peer” on the debug while running strelaysrv
Hello All,
Trying to create a discovery server. Clients do not like the self signed cert. Keep getting “connection reset by peer” on the debug while running strelaysrv
Read the docs, in particular the bit with the text
The discovery server prints it’s device ID at startup. In the case where you are using a non CA signed certificate, this device ID (fingerprint) must be given to the clients in the discovery server URL
Thanks, the “non CA signed certificate” error seems to have gone away with the ID included just after the https://ipaddress:22067?id=this-is-the-id. Now I am seeing “Protocol negotiation error” and “Certificate list error”
Also seeing “magic mismatch” just after the ID
New discovery server should have a /v2 suffix as the URL. I think it prints the URL as it starts, you should just use that.
I don’t see that, running:
“strelaysrv v0.14.8+11-g29ccf10 (go1.7.1 linux-amd64) jenkins@build.syncthing.net”
Maybe it needs a debug or verbose flag to print that, anyway, try adding a /v2 to the url.
To be honest, it’s all explained in the docs: https://docs.syncthing.net/users/stdiscosrv.html
Not really, I still get the following errors with /v2/ in place
016/10/11 10:21:15 listener.go:73: Protocol negotiation error 2016/10/11 10:21:15 listener.go:79: Certificate list error
The client is using either outdated ciphers or is not providing a client certificate for client identity. I suspect its not syncthing connecting to the discovery server
After each successful “Listener accepted connection from x.x.x.x” I get:
2016/10/11 10:57:27 listener.go:73: Protocol negotiation error 2016/10/11 10:57:27 listener.go:79: Certificate list error
This is from two “client” systems, different OS, build, etc
I am a bonehead, problem was all me, I was working with the relay when I just needed to setup a disco server
Thanks, A
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.