3DS not connecting to pretendo-docker server

[SpringtrapISZ]

I have pretendo-docker running on an AMD desktop computer (the one I'm using right now to complete this issue report), and I'm using an older wireless internet router to act as a LAN connection for all my stuff.

I have a 3DS and a Wii U that I'm using with the server... the Wii U seems to be doing just fine, however when using the FriendsAccountSwicther script on the 3DS, and the manual_override app to reset the Friends environment, it does not connect to the server. The newly created friend code is not displayed, but instead there are a bunch of question marks on my friend card, and when checking the logs in mitmproxy, I don't notice anything evident of an error. This is what the mitmproxy log is giving me:

POST http://nasc.pretendo.cc/ac/ HTTP/1.1
Host: nasc.pretendo.cc
X-GameId: 00003200
User-Agent: CTR FPD/0010
Content-Type: application/x-www-form-urlencoded
Content-Type: application/x-www-form-urlencoded
Content-Length: 838
gameid=MDAwMDMyMDA%2A&sdkver=MDAwMDAw&titleid=MDAwNDAxMzAwMDAwMzIwMg%2A%2A&gamecd=LS0tLQ%2A%2A&gamever=MDAxNQ%2A%2A&mediatype=MA%2A%2A&makercd=MDA%2A&unitcd=Mg%2A%2A&macadr=[REMOVED]&bssid=[REMOVED]&apinfo=[REMOVED]&fcdcert=[REMOVED]&servertype=TDE%2A&fpdver=MDAxMA%2A%2A&devtime=MjQxMDExMDAwMzQw&lang=MDE%2A&region=MDE%2A&csnum=Tlc0MDI2OTYyMA%2A%2A&passwd=[REMOVED]&action=TE9HSU4%2A&ingamesn=

Maintainer note: I have removed some of the provided console data for privacy reasons.

I am given an error code of 001-0502 on my 3DS when I load the friends list, and even when I reboot the system nothing changes. I cannot find anything online about this, so it may be a unique issue, but even still I don't know how to fix it. I also noticed there was no image for my mii on the web interface, when creating a PNID. I can provide screenshots, logs, and images, if necessary.

Thank you in advance for any help you may give.

[MatthewL246]

Can you provide the logs from the account server?

docker compose logs account

[SpringtrapISZ]

It is telling me there is no configuration file provided/not found

Also, thank you for removing data compromising information. I wasn't aware there was any in it ._.

[SpringtrapISZ]

Now it generated a new friend code, and seems to connect to the server, but returns error code 002-0102 upon opening friends list. I also just had to move the current directory to the docker clone directory, here is what the logs returned to me:

account-1 | [0:59:58] [INFO]: Loading config account-1 | [0:59:58] [INFO]: Config loaded, checking integrity account-1 | [0:59:58] [WARN]: Failed to find captcha secret config. Disabling feature. To enable feature set the PN_ACT_CONFIG_HCAPTCHA_SECRET environment variable account-1 | [0:59:58] [WARN]: Failed to find Stripe api key! If a PNID is deleted with an active subscription, the subscription will NOT be canceled! Set the PN_ACT_CONFIG_STRIPE_SECRET_KEY environment variable to enable account-1 | [0:59:58] [INFO]: [conntest] Applying imported routes account-1 | [0:59:58] [INFO]: [conntest] Creating 'conntest' subdomain account-1 | [0:59:58] [INFO]: [cbvc] Applying imported routes account-1 | [0:59:58] [INFO]: [cbvc] Creating 'cbvc' subdomain account-1 | [0:59:58] [INFO]: [NNAS] Applying imported routes account-1 | [0:59:58] [INFO]: [NNAS] Importing middleware account-1 | [0:59:58] [INFO]: [NNAS] Creating 'account' subdomain account-1 | [0:59:58] [INFO]: [NNAS] Creating 'c.account' subdomain account-1 | [0:59:58] [INFO]: [NASC] Importing middleware account-1 | [0:59:58] [INFO]: [NASC] Applying imported routes account-1 | [0:59:58] [INFO]: [NASC] Creating 'nasc' subdomain account-1 | [0:59:58] [INFO]: [DATASTORE] Applying imported routes account-1 | [0:59:58] [INFO]: [DATASTORE] Creating 'datastore' subdomain account-1 | [0:59:58] [INFO]: [USER API] Importing middleware account-1 | [0:59:58] [INFO]: [USER API] Applying imported routes account-1 | [0:59:58] [INFO]: [USER API] Creating 'api' subdomain account-1 | [0:59:58] [INFO]: [LOCAL-CDN] s3 enabled, skipping local CDN account-1 | [0:59:58] [INFO]: [assets] Setting up public folder account-1 | [0:59:58] [INFO]: [conntest] Creating 'assets' subdomain account-1 | [0:59:58] [INFO]: Setting up Middleware account-1 | [0:59:58] [INFO]: Creating 404 status handler account-1 | [0:59:58] [INFO]: Creating non-404 status handler account-1 | [0:59:58] [INFO]: Starting server account-1 | (node:1) NOTE: We are formalizing our plans to enter AWS SDK for JavaScript (v2) into maintenance mode in 2023. account-1 | account-1 | Please migrate your code to use AWS SDK for JavaScript (v3). account-1 | For more information, check the migration guide at https://a.co/7PzMCcy account-1 | (Use node --trace-warnings ... to show where the warning was created) account-1 | [0:59:59] [SUCCESS]: Database connected account-1 | [0:59:59] [SUCCESS]: Cache enabled account-1 | [0:59:59] [SUCCESS]: gRPC server started on port 5000 account-1 | [0:59:59] [SUCCESS]: HTTP server started on port 8080 account-1 | GET / 200 4.067 ms - 240 account-1 | GET / 200 0.497 ms - 240 account-1 | POST /v1/api/oauth20/access_token/generate 400 44.539 ms - 137 account-1 | POST /v1/api/oauth20/access_token/generate 400 6.936 ms - 137 account-1 | GET / 200 0.330 ms - 240 account-1 | GET / 200 0.314 ms - 240 account-1 | POST /ac/ 200 10.542 ms - 54 account-1 | POST /ac/ 200 3.523 ms - 54 account-1 | POST /ac/ 200 3.356 ms - 54 account-1 | POST /v1/register 200 1868.621 ms - 222 account-1 | GET /v1/user 200 3.384 ms - 581 account-1 | GET /v1/user 200 2.690 ms - 581 account-1 | GET /v1/user 200 2.300 ms - 581 account-1 | GET /v1/user 200 3.528 ms - 581 account-1 | GET /v1/user 200 2.931 ms - 581 account-1 | GET /v1/user 200 2.414 ms - 581 account-1 | POST /ac/ 200 3.128 ms - 54 account-1 | GET /v1/user 200 3.100 ms - 581 account-1 | GET /v1/user 200 3.384 ms - 581 account-1 | GET /v1/user 200 2.368 ms - 581 account-1 | GET /v1/user 200 2.951 ms - 581 account-1 | GET /v1/user 200 2.690 ms - 581 account-1 | POST /v1/api/oauth20/access_token/generate 400 50.929 ms - 137 account-1 | POST /v1/api/oauth20/access_token/generate 400 50.087 ms - 137 account-1 | GET / 200 0.244 ms - 240 account-1 | GET /v1/api/admin/mapped_ids?input_type=user_id&output_type=pid&input=%20%2C 200 3.776 ms - 94 account-1 | GET / 200 0.284 ms - 240 account-1 | POST /ac/ 200 20.060 ms - 142 account-1 | POST /ac/ 200 15.434 ms - 142 account-1 | POST /ac/ 200 13.482 ms - 142 account-1 | GET /v1/user 200 2.296 ms - 581 account-1 | GET / 200 0.307 ms - 240 account-1 | GET /v1/api/admin/mapped_ids?input_type=user_id&output_type=pid&input=%20%2C 200 3.339 ms - 94 account-1 | GET /v1/api/people/@me/devices/owner 200 49.807 ms - 1180 account-1 | POST /v1/api/people/@me/devices/ 200 68.798 ms - 1180 account-1 | POST /v1/api/oauth20/access_token/generate 200 53.334 ms - 208 account-1 | PUT /v1/api/people/@me/miis/@primary 200 1633.516 ms - 0 account-1 | GET /v1/api/people/@me/profile 200 4.690 ms - 1200 account-1 | GET /v1/api/people/@me/profile 200 4.846 ms - 1200 account-1 | GET / 200 0.265 ms - 240 account-1 | POST /ac/ 200 14.213 ms - 142 account-1 | POST /ac/ 200 15.831 ms - 142 account-1 | POST /ac/ 200 12.465 ms - 142 account-1 | GET / 200 0.281 ms - 240 account-1 | POST /ac/ 200 14.207 ms - 142 account-1 | POST /ac/ 200 15.816 ms - 142 account-1 | POST /ac/ 200 13.487 ms - 142 account-1 | POST /ac/ 200 12.997 ms - 142 account-1 | POST /ac/ 200 13.361 ms - 142 account-1 | POST /ac/ 200 12.548 ms - 142 account-1 | POST /ac/ 200 16.089 ms - 142 account-1 | POST /ac/ 200 15.471 ms - 142 account-1 | POST /ac/ 200 13.224 ms - 142 account-1 | GET / 200 0.398 ms - 240 account-1 | GET /v1/user 400 4.434 ms - 68 account-1 | POST /v1/login 400 2.620 ms - 69 account-1 | POST /v1/login 200 43.674 ms - 222 account-1 | GET /v1/user 200 2.938 ms - 585 account-1 | Debugger listening on ws://0.0.0.0:9229/9b60c73b-5e93-4c73-8ed5-dcb692988016 account-1 | For help, see: https://nodejs.org/en/docs/inspector account-1 | [18:14:6] [INFO]: Loading config account-1 | [18:14:6] [INFO]: Config loaded, checking integrity account-1 | [18:14:6] [WARN]: Failed to find captcha secret config. Disabling feature. To enable feature set the PN_ACT_CONFIG_HCAPTCHA_SECRET environment variable account-1 | [18:14:6] [WARN]: Failed to find Stripe api key! If a PNID is deleted with an active subscription, the subscription will NOT be canceled! Set the PN_ACT_CONFIG_STRIPE_SECRET_KEY environment variable to enable account-1 | [18:14:7] [INFO]: [conntest] Applying imported routes account-1 | [18:14:7] [INFO]: [conntest] Creating 'conntest' subdomain account-1 | [18:14:7] [INFO]: [cbvc] Applying imported routes account-1 | [18:14:7] [INFO]: [cbvc] Creating 'cbvc' subdomain account-1 | [18:14:7] [INFO]: [NNAS] Applying imported routes account-1 | [18:14:7] [INFO]: [NNAS] Importing middleware account-1 | [18:14:7] [INFO]: [NNAS] Creating 'account' subdomain account-1 | [18:14:7] [INFO]: [NNAS] Creating 'c.account' subdomain account-1 | [18:14:7] [INFO]: [NASC] Importing middleware account-1 | [18:14:7] [INFO]: [NASC] Applying imported routes account-1 | [18:14:7] [INFO]: [NASC] Creating 'nasc' subdomain account-1 | [18:14:7] [INFO]: [DATASTORE] Applying imported routes account-1 | [18:14:7] [INFO]: [DATASTORE] Creating 'datastore' subdomain account-1 | [18:14:7] [INFO]: [USER API] Importing middleware account-1 | [18:14:7] [INFO]: [USER API] Applying imported routes account-1 | [18:14:7] [INFO]: [USER API] Creating 'api' subdomain account-1 | [18:14:7] [INFO]: [LOCAL-CDN] s3 enabled, skipping local CDN account-1 | [18:14:7] [INFO]: [assets] Setting up public folder account-1 | [18:14:7] [INFO]: [conntest] Creating 'assets' subdomain account-1 | [18:14:7] [INFO]: Setting up Middleware account-1 | [18:14:7] [INFO]: Creating 404 status handler account-1 | [18:14:7] [INFO]: Creating non-404 status handler account-1 | [18:14:7] [INFO]: Starting server account-1 | (node:1) NOTE: We are formalizing our plans to enter AWS SDK for JavaScript (v2) into maintenance mode in 2023. account-1 | account-1 | Please migrate your code to use AWS SDK for JavaScript (v3). account-1 | For more information, check the migration guide at https://a.co/7PzMCcy account-1 | (Use node --trace-warnings ... to show where the warning was created) account-1 | [18:14:8] [SUCCESS]: Database connected account-1 | [18:14:8] [SUCCESS]: Cache enabled account-1 | [18:14:8] [SUCCESS]: gRPC server started on port 5000 account-1 | [18:14:8] [SUCCESS]: HTTP server started on port 8080 account-1 | GET / 200 4.161 ms - 240 account-1 | POST /ac/ 200 28.158 ms - 54 account-1 | POST /ac/ 200 3.677 ms - 54 account-1 | POST /ac/ 200 3.054 ms - 54 account-1 | POST /ac/ 200 2.978 ms - 54

(I am sorry in advance if I missed something and didn't remove it, I don't know what embedded data may or may not be safe to share. Please forgive me.)

[MatthewL246]

(I am sorry in advance if I missed something and didn't remove it, I don't know what embedded data may or may not be safe to share. Please forgive me.)

No worries, there are no issues with the logs there. The issue with your first post is that the 3DS sends some base64-encoded private/console-specific information like the MAC address, WiFi info, and fcdcert. The one that's particularly risky is the fcdcert: this is the certificate that Pretendo uses to enforce console bans. Be careful not to send that publicly in the future, as someone could potentially copy it and use it to evade bans on Pretendo's official servers while appearing to be your console.

Now it generated a new friend code, and seems to connect to the server, but returns error code 002-0102 upon opening friends list.

That error will appear when the console attempts to log in with a NEX account (essentially, the internal account that the friend code is generated from) that doesn't exist on the server. For example, trying to log into your local server with a Pretendo NEX account or vice versa.

I'd suggest that you make sure that Nimbus is set to Pretendo and then try re-running the reset friends test account app.

[SpringtrapISZ]

No worries, there are no issues with the logs there. The issue with your first post is that the 3DS sends some base64-encoded private/console-specific information like the MAC address, WiFi info, and fcdcert. The one that's particularly risky is the fcdcert: this is the certificate that Pretendo uses to enforce console bans. Be careful not to send that publicly in the future, as someone could potentially copy it and use it to evade bans on Pretendo's official servers while appearing to be your console.

Ah okay... now that I know what information is sensitive, I'll be sure to exclude it. Thank you.

That error will appear when the console attempts to log in with a NEX account (essentially, the internal account that the friend code is generated from) that doesn't exist on the server. For example, trying to log into your local server with a Pretendo NEX account or vice versa.

That's what I had thought, although resetting the friends code environment once again, like you suggested below, did nothing before. I'll be sure to try that again here momentarily, and I'll report back when I recieve something in return.

I'd suggest that you make sure that Nimbus is set to Pretendo and then try re-running the reset friends test account app.

I triple checked to make sure that was correctly set before I began troubleshooting. Thank you for your help, I greatly appreciate it.

[SpringtrapISZ]

Tried resetting the friend code again, friend card has no code now and I get an error of 001-0502 when I open the friends list. Tried restarting it three or four times, nothing changed.

[MatthewL246]

Thanks for trying, and I'm sorry that didn't work.

Error code 001-0502 is a common generic error code that unfortunately only says that the console failed to connect to the friends server. Let's try to narrow this down:

1. Is the console successfully sending requests through mitmproxy?
2. Is the account server successfully receiving and responding to the requests?
3. On the console, has the NEX account been created yet?
   • Look at the most recent POST http://nasc.pretendo.cc/ac/ request in mitmproxy, and check whether the request data contains either the passwd or the userid parameter. For example, the original request you submitted in the issue body does contain it.
   • If it contains passwd, then the account has not been created yet and this is the initial account creation request.
   • If it contains userid, then the account has already been created.
   • Sidenote: Yes, it's a little weird: when creating a new NEX account, the console generates the account's password locally and sends that password to the server. Then, the server generates a PID (principal ID, basically the account's username), stores the new account in the database, and responds with the PID. The console then stores the PID and password, and at this point, your new friend code shows up.
4. Is the console connecting to the friends server at all?
   • Check docker compose logs friends.

[SpringtrapISZ]

Thanks for trying, and I'm sorry that didn't work.

Not a problem, I really appreciate you helping... this continues to be an active problem for me.

Error code 001-0502 is a common generic error code that unfortunately only says that the console failed to connect to the friends server. Let's try to narrow this down:

1. Is the console successfully sending requests through mitmproxy?
2. Is the account server successfully receiving and responding to the requests?

3. On the console, has the NEX account been created yet?

   • Look at the most recent POST http://nasc.pretendo.cc/ac/ request in mitmproxy, and check whether the request data contains either the passwd or the userid parameter. For example, the original request you submitted in the issue body does contain it.
   • If it contains passwd, then the account has not been created yet and this is the initial account creation request.
   • If it contains userid, then the account has already been created.
   • Sidenote: Yes, it's a little weird: when creating a new NEX account, the console generates the account's password locally and sends that password to the server. Then, the server generates a PID (principal ID, basically the account's username), stores the new account in the database, and responds with the PID. The console then stores the PID and password, and at this point, your new friend code shows up.

I'm checking this ^ right now, and it seems that every time I make a PNID with my local server, it stays on the 3DS until I reboot it. Then it gets wiped. I noticed that both after I linked the ID made through the web interface, and after I rebooted the 3DS, it contained the passwd parameter. I have noticed, however, while accidentally letting my 3DS connect to legitimate Pretendo services, it instantly creates a friend code, and I appear as online in the friends list, with this newly generated friend code.

4. Is the console connecting to the friends server at all?

   • Check docker compose logs friends.

I'll be checking this momentarily ^

[SpringtrapISZ]

I have tried three different times to check the friends list logs, and each time returns basically nothing, and says that the execution has paused because the program is panicking. I'm finding it rather odd that linking my PNID to my 3DS resets after a reboot... it may be my problem, but I don't know what would be causing it to not save it. I do work a job, so typically I am quite busy, however I will respond as soon as I can.