search

jacobalberty / unifi-docker

Unifi Docker files
MIT License
2.14k stars 454 forks source link

can't connect to controller since 5.5.24 #66

Closed jeroenjacobs79 closed 6 years ago

jeroenjacobs79 commented 6 years ago

Host operating system

Synology DSM

What tag are you using

Example: 5.5.24

What actually happens?

I was using your 5.5.20 image without issues. I now upgraded to your 5.5.24 image and now Chrome tells me:

This site can’t provide a secure connection

controller.internal.headincloud.be uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
HIDE DETAILS
Unsupported protocol
The client and server don't support a common SSL protocol version or cipher suite.

I tried mapping my data logdir to the new paths (/unifi/data and /unifi/log instead of /var/lib/unifi and /var/log/unifi), but this makes no difference.

This is the log from the container:

2017-10-16 20:16:01 | stdout | [2017-10-16 22:16:01,242] <docker-entrypoint> WARNING: Running UniFi in insecure (root) mode
2017-10-16 20:16:01 | stdout | [2017-10-16 22:16:01,240] <docker-entrypoint> Starting unifi controller service.
2017-10-16 20:16:01 | stdout | [2017-10-16 22:16:01,228] <docker-entrypoint> Done!
2017-10-16 20:16:01 | stdout | Unable to import the certificate into keystore
  |   |  
2017-10-16 20:16:00 | stdout | [2017-10-16 22:16:00,054] <docker-entrypoint> Importing cert into Unifi database...
2017-10-16 20:15:59 | stdout | keytool error: java.lang.Exception: Source keystore file exists, but is empty: /tmp/tmp.rwH5Asisiy
2017-10-16 20:15:59 | stdout | [2017-10-16 22:15:59,365] <docker-entrypoint> Inserting certificate into Unifi keystore...
2017-10-16 20:15:59 | stdout | keytool error: java.lang.Exception: Alias <unifi> does not exist
  |   |  
2017-10-16 20:15:58 | stdout | [2017-10-16 22:15:58,761] <docker-entrypoint> Removing existing certificate from Unifi protected keystore...
2017-10-16 20:15:58 | stdout | pkcs12: Use -help for summary.
  |   |  
2017-10-16 20:15:58 | stdout | pkcs12: Cannot open input file /unifi/cert/cert.pem, No such file or directory
2017-10-16 20:15:58 | stdout | [2017-10-16 22:15:58,753] <docker-entrypoint> Using openssl to prepare certificate...
2017-10-16 20:15:58 | stdout | md5sum: /unifi/cert/cert.pem: No such file or directory
  |   |  
2017-10-16 20:15:58 | stdout | [2017-10-16 22:15:58,749] <docker-entrypoint> Cert has changed, updating controller...
2017-10-16 20:15:58 | stdout | x509: Use -help for summary.
  |   |  
2017-10-16 20:15:58 | stdout | x509: Cannot open input file /unifi/cert/cert.pem, No such fil
e or directory
2017-10-16 20:15:58 | stdout | [2017-10-16 22:15:58,461] <docker-entrypoint> Cert directory found. Checking Certs
jeroenjacobs79 commented 6 years ago

And suddenly everything starts working again :-p

jacobalberty commented 6 years ago

Sorry there was a bug, it was trying to create an empty keystore when there was no certificate. I probably pushed the fix as you were typing. Trying to get some changes In place to upgrade firmware easier for a crack fix

On Oct 16, 2017 3:36 PM, "Jeroen Jacobs" notifications@github.com wrote:

Closed #66 https://github.com/jacobalberty/unifi-docker/issues/66.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/jacobalberty/unifi-docker/issues/66#event-1295643102, or mute the thread https://github.com/notifications/unsubscribe-auth/AB42gp02vhZevzEc5k1kvL_5aPfkWTqAks5ss744gaJpZM4P7L5b .