Blockstream / greenlight

Build apps using self-custodial lightning nodes in the cloud
https://blockstream.github.io/greenlight/getting-started/
MIT License

Invalid peer certificate: UnknownIssuer & connectivity issues #459

Open roeierez opened 1 month ago

roeierez commented 1 month ago

relai: https://github.com/breez/breez-sdk-relai/issues/65

User can't interact with the node:

status: Unavailable, message: "error trying to connect: dns error: failed to lookup address information: nodename nor servname provided, or not known", details: [], metadata: MetadataMap { headers: {} }, source: Some(tonic::transport::Error(Transport, hyper::Error(Connect, ConnectError("dns error", Custom { kind: Uncategorized, error: "failed to lookup address information: nodename nor servname provided, or not known" }))))

And also for invoice creation:

Failed to create invoice: Generic: Generic: status: Unavailable, message: \"error trying to connect: received fatal alert: Unknown(225)\", details: [], metadata: MetadataMap { headers: {} }

The user also gets invalid peer certificate: UnknownIssuer

cdecker commented 1 month ago

The first error seems to be caused by the platform, and could be related to a brief dip in connectivity. Unless this becomes a repeat event, we don't need to look into that.

As for the second error, that is a custom error that is used for this:

So most likely we were just at capacity (the logs provided do not give us a window to search for the failure).

Finally, the last one is usually because the client attempted to talk to a node before configuring the mTLS client cert, or if the server had an issue loading its own CA (rather unlikely but possible if the disk fills up).

All of these problems are likely temporary, and should not be reproducible, with maybe the exception of the last one as that may point to the client library being used in an unconfigured way.
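
An added example, not part of the thread or of the greenlight code base: a small triage script that sorts client log lines into the three error classes discussed above and flags only the ones the reply treats as actionable. The category names, the `repeat_threshold` value and the "retry with backoff" action are assumptions made for illustration; the sample lines are constructed from the error strings quoted in this issue.

```python
import re
from collections import Counter

# Patterns taken from the three error strings quoted in this issue.
RULES = [
    ("dns", re.compile(r"dns error: failed to lookup address information")),
    ("tls_alert", re.compile(r"received fatal alert: Unknown\((\d+)\)")),
    ("unknown_issuer", re.compile(r"invalid peer certificate: UnknownIssuer")),
]
# gRPC status and message; the quotes may arrive backslash-escaped in app logs.
STATUS = re.compile(r'status: (\w+), message: \\?"(.*?)\\?", details:')

def classify(line):
    """Return (category, grpc_status, detail) for one client log line."""
    m = STATUS.search(line)
    status = m.group(1) if m else None
    for name, pat in RULES:
        hit = pat.search(line)
        if hit:
            return name, status, (hit.group(1) if hit.groups() else None)
    return "other", status, None

def triage(lines, repeat_threshold=3):
    """Count categories and list follow-ups (threshold is an assumed value)."""
    counts = Counter(classify(l)[0] for l in lines)
    actions = []
    # DNS failures: a connectivity dip unless they become a repeat event.
    if counts["dns"] >= repeat_threshold:
        actions.append("dns: repeated, investigate platform connectivity")
    # Custom fatal alert: read in the reply as "at capacity" (assumed action).
    if counts["tls_alert"]:
        actions.append("tls_alert: retry with backoff")
    # UnknownIssuer: may mean the client connected before its mTLS cert was set.
    if counts["unknown_issuer"]:
        actions.append("unknown_issuer: check mTLS client cert is configured")
    return counts, actions

# Constructed sample: the error strings from this issue.
SAMPLE = [
    'status: Unavailable, message: "error trying to connect: dns error: failed to lookup address information: nodename nor servname provided, or not known", details: [], metadata: MetadataMap { headers: {} }',
    r'Failed to create invoice: Generic: Generic: status: Unavailable, message: \"error trying to connect: received fatal alert: Unknown(225)\", details: [], metadata: MetadataMap { headers: {} }',
    "invalid peer certificate: UnknownIssuer",
]

if __name__ == "__main__":
    counts, actions = triage(SAMPLE)
    print(dict(counts), actions)
```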