meraj

meraj

Unknown CA error for custom nerves hub instance

After setting up custom nerves hub instance, I am able to create devices and products, add certificates via web. However, whenever I try to create them via command line e.g.:

mix nerves_hub.product create

I am getting this error:
Unhandled error: {:error, {:tls_alert, {:unknown_ca, 'TLS client: In state wait_cert at ssl_handshake.erl:1838 generated CLIENT ALERT: Fatal - Unknown CA\n'}}}

This is a staging setup and the domains are as:

  1. www.staging.mydomain.com - we are able to access this via browser and it shows it has a valid certificate issued by AWS.
  2. api.staging.mydomain.com - it shows the certificate is signed by NervesHub (as I deployed NH custom instance after creating an initial key-chain via nerves_hub repo) and browser also show this error of privacy alert. I had to add an exception to access this web page.
  3. device.staging.mydomain.com - same as above in no 2.

I have tried this both from Mac and Linux after adding these certificates to trusted generated by nerves hub. In code, I am telling it to load all these certificates from:
ca_certs = Path.expand("../ssl/prod", __DIR__)

I don’t know if this error is coming due to self signed certs or anything else. Is there any way I can resolve this error and be able to run these commands from my terminal against custom nerves hub instance and later after creating and installing image on our device, it is also able to communicate with our custom nerves hub instance.

Currently we are trying to achieve this without NervesKey.

First Post!

jjcarstens

jjcarstens

Nerves Core Team

The API request still doesn’t have the ca certs it needs. So the real question here is what are you doing with the ca_certs variable you create it? Just assigning the variable doesn’t help us really know where it is.

I’d also check out the doc here Connecting to your environment | NervesHub

Specifically, you need the config :nerves_hub_user_api, ca_certs: ca_certs portion in order for your CLI requests to succeed

Where Next?

Popular in Questions Top

chokchit
** (DBConnection.ConnectionError) connection not available and request was dropped from queue after 2733ms. You can configure how long re...
New
mcarvalho
What is the difference between System.get_env and Application.get_env? For example, what are best practices to use one versus another.
New
qwerescape
Is there a way to get the call stack or stack trace at any point in the code? Not from exceptions, but an expression that returns how the...
New
LegitStack
I’m trying to make a websocket server in Phoenix or raw Elixir. I heard about gun, I think I could use cowboy, but since I’m not that sma...
New
ycv005
I have followed this StackOverflow post to install the specific version of Erlang. And When I am running mix ecto.setup then getting fol...
New
dokuzbir
I want to highlight html closing tags when i click a html tag. That works in .html files but doesnt work for html.eex templates. How can...
New
SoCreat
i’m a new one to elixir which editor can i use vs code? or atom? Thanks! :smiley:
New
dotdotdotPaul
Okay, I’m having a heck of a time trying to figure out how to best handle the validation of belongs_to associations in Ecto. I’m sure I’...
New
jononomo
For some reason my phoenix channels are working for me in my local dev environment, but as soon as I deploy via Docker, I get a 403 error...
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New

Other popular topics Top

Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
9mm
I am constructing a JSON object (map) and I need to conditionally set a field. I’m trying to write proper elixir-way code… and I’m at a l...
New
skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
electic
Hi, I am new to Elixir. I am trying to use the DateTime component to insert a date into MySQL however the there seems to be no way to fo...
New
Lily
In templates/appointment/index.html.eex: <%= for appointment <- @appointments do %> <tr> <td><%= appoi...
New
Qqwy
Original source of discussion: This topic on the Pragmatic Programmers’ Functional Web Development with Elixir, OTP, and Phoenix forum. ...
New
bsollish-terakeet
Credo is smart enough to check for (something like) this: assert length(the_list) == 0 with this response: Checking if an enum is empt...
New
Qqwy
Update: How to use the Blogs & Podcasts section You can post links to your blog posts or podcasts either in one of the Official Blog...
3271 126479 1222
New
hariharasudhan94
Lets say I have map like this fetching from my database %{"_id" => #BSON.ObjectId<58eb1a7a9ad169198c3dXXXX>, "email" => ...
New
jononomo
For some reason my phoenix channels are working for me in my local dev environment, but as soon as I deploy via Docker, I get a 403 error...
New

We're in Beta

About us Mission Statement