search

Pectojin / duplicati-client

A command line client for controlling the Duplicati Server
GNU Lesser General Public License v2.1
75 stars 20 forks source link

Error with the certificate while trying to login into the server #34

Closed joseraeiro closed 1 year ago

joseraeiro commented 1 year ago

Hello!

I'm trying to login into the server using duc login https://localhost --insecure but I'm getting the following error:

Traceback (most recent call last):
  File "/usr/bin/duc", line 1397, in <module>
    main(**vars(args))
  File "/usr/bin/duc", line 103, in main
    data = auth.login(data, url, password, verify, interactive,
  File "/opt/duplicati-client/auth.py", line 112, in login
    token = urllib.parse.unquote(r.cookies["xsrf-token"])
  File "/usr/lib/python3/dist-packages/requests/cookies.py", line 328, in __getitem__
    return self._find_no_duplicates(name)
  File "/usr/lib/python3/dist-packages/requests/cookies.py", line 399, in _find_no_duplicates
    raise KeyError('name=%r, domain=%r, path=%r' % (name, domain, path))
KeyError: "name='xsrf-token', domain=None, path=None"

I already tried to start duplicati-server using a pfx key that I generated and then specifying this file with the --certfile option but I'm getting the following output:

Server certificate could not be validated. You can specify a certificate with --certfile or explicitly ignore this error with --insecure

Pectojin commented 1 year ago

Can you try turning on verbose mode and checking what duc claims to be connecting to?

% duc verbose
verbose mode: True
% duc login https://localhost --insecure
Connecting to https://localhost:443...

The url parsing is a bit.. weird.. at times because it has to merge the CLI input with the config file which may specify a port as well.

It's possible that duc is connecting to your duplicati instance on its plaintext port. At least if I force mine to do that it gives the same kind of error:

% duc login https://localhost:8200 --insecure
Connecting to https://localhost:8200...
Server certificate could not be validated. 
Code: 526
You can specify a certificate with --certfile or explicitly ignore this error with --insecure

In which case the workaround is to explicitly login with the port specificed duc login https://localhost:443 --insecure.

joseraeiro commented 1 year ago

I was able to login not using https. I've simply stated duc login http://localhost:8200 and it worked!

Thank you for your help!