search

darkrenaissance / darkfi

Anonymous. Uncensored. Sovereign.
https://dark.fi
GNU Affero General Public License v3.0
1.11k stars 116 forks source link

Deposit error BTC/SOL #74

Closed hughwang41 closed 2 years ago

hughwang41 commented 2 years ago

Using debian 11 x64

Error: JsonRpcError("\"Async_Native_TLS error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:../ssl/statem/statem_clnt.c:1913: (IP address mismatch)\"")

ghost commented 2 years ago

i get the same error on a VM of ubuntu server, and a slightly different error on macos

i'm running the latest github clone

macos error might be related to this: https://github.com/sfackler/rust-native-tls/issues/143

it seems the most common solution for the linux error to check your date/time is in sync, but that doesnt fix it for me

reproduce on macos:

# window 1 (this seems to run fine)
darkfid -v
# window 2 (typing this command gives the error)
drk deposit --network solana SOL

⬇️

# window 1
14:50:12 [DEBUG] (18) RPC SERVER: Accepted connection
14:50:12 [DEBUG] (18) RPC: --> {"jsonrpc":"2.0","method":"features","params":[],"id":2906844179}
14:50:12 [DEBUG] (18) darkfi::node::wallet::walletdb: Finding own coins
14:50:13 [DEBUG] (18) RPC: <-- {"jsonrpc":"2.0","error":{"code":-32004,"message":"Async_Native_TLS error: `The certificate was not trusted.`"},"id":2906844179}
14:50:13 [DEBUG] (18) RPC SERVER: Closed connection
# window 2
Error: JsonRpcError("\"Async_Native_TLS error: `The certificate was not trusted.`\"")

Console (system log files):

time process message
12:44:47.682200+1100 trustd cert[0]: SSLHostname =(leaf)[]> 0
12:44:47.682347+1100 trustd cert[0]: TemporalValidity =(leaf)[]> 0
12:44:47.687355+1100 trustd cert[3]: TemporalValidity =(leaf)[]> 0
12:44:47.692850+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> resuming, timeouts(60.0, 3.0) QOS(0x15) Voucher
12:44:47.695703+1100 trustd [Telemetry]: Activity <nw_activity 12:2 [D0F6476F-D24A-4EE6-B3AE-9042273B71E1] (reporting strategy default)> on Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> was not selected for reporting
12:44:47.695899+1100 trustd cert[0]: TemporalValidity =(leaf)[]> 0
12:44:47.696247+1100 trustd could not enable test hierarchy: no UAT pinning preferences set
12:44:47.696688+1100 trustd cert[0]: TemporalValidity =(path)[]> 0
12:44:47.696751+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> now using Connection 13
12:44:47.697185+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> sent request, body N 0
12:44:47.712409+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> received response, status 200 content K
12:44:47.712760+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> response ended
12:44:47.712910+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> done using Connection 13
12:44:47.713038+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> summary for task success {transaction_duration_ms=16, response_status=200, connection=13, reused=1, request_start_ms=0, request_duration_ms=0, response_start_ms=16, response_duration_ms=0, request_bytes=366, response_bytes=225, cache_hit=false}
12:44:47.713891+1100 trustd Task <71D80DC4-01D0-40A4-ACBE-CFFE97B5AD88>.<2> finished successfully
12:44:47.714149+1100 trustd responder: http://r3.o.lencr.org returned status: 6
12:44:47.714930+1100 darkfid Trust evaluate failure: [leaf SSLHostname TemporalValidity]
12:44:48.535684+1100 trustd Failed to talk to secd after 4 attempts.
12:44:48.535892+1100 trustd cert[0]: MissingIntermediate =(leaf)[force]> 0
12:44:48.536058+1100 trustd cert[0]: SignatureHashAlgorithms =(path)[]> 0
12:44:48.536108+1100 trustd cert[0]: NonEmptySubject =(path)[]> 0
12:44:48.536627+1100 trustd cert[0]: ServerAuthEKU =(path)[]> 0
12:44:48.536870+1100 trustd Non-system-trusted leaf validity period longer than 825 days and issued on or after 1 July 2019
12:44:48.536928+1100 trustd cert[0]: ValidityPeriodMaximums =(path)[]> 0
12:44:48.539567+1100 trustevaluationagent Trust evaluate failure: [leaf MissingIntermediate NonEmptySubject ServerAuthEKU SignatureHashAlgorithms ValidityPeriodMaximums]

reproduce on ubuntu server:

# window 1 (this seems to run fine)
darkfid -v
# window 2 (typing this command gives the error)
drk deposit --network solana SOL

⬇️ (note: i had to type this out bc i couldn't copy the text from the VM, so potentially a typo. i can re-check if you think i made a typo)

# window 1
14:54:23 [DEBUG] (10) RPC SERVER: Accepted connection
14:54:23 [DEBUG] (10) RPC: --> {"jsonrpc":"2.0","method":"features","params":[],"id":3014154990}
14:54:23 [DEBUG] (10) darkfi::node::wallet::walletdb: Finding own coins
14:54:25 [DEBUG] (10) RPC: <-- {"jsonrpc":"2.0","error":{"code1":-32004,"message": "Async_Native_TLS error: `error: 1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:../ssl/statem/statem_clnt.c:1913: (IP address mismatch)`"},"id": 3014154990}
14:54:25 [DEBUG] (10) RPC SERVER: Closed connection
# window 2
Error: JsonRpcError("\"Async_Native_TLS error: `error: 1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:../ssl/statem/statem_clnt.c:1913: (IP address mismatch)`\"")
ghassmo commented 2 years ago

I will close this issue, a new update will release