Ability to start the node under insecure wifi

tadaskay commented 3 years ago

It's a common use case to use VPN with insecure wifi, but our node is unable to start under such network due to SSL cert errs (logs below). It would be nice to have a fallback mechanism that could work under such conditions.

2021-06-21T10:15:09.383 DBG source/logconfig/rollingwriter/rollingwriter.go:76 > Found 0 old log files in log directory, skipping cleanup
2021-06-21T10:15:09.383 INF source/cmd/di.go:192                     > Starting Mysterium Node 0.47.1
2021-06-21T10:15:09.384 DBG source/config/config.go:196              > Returning default value outgoing-firewall:false
2021-06-21T10:15:09.384 DBG source/config/config.go:196              > Returning default value incoming-firewall:false
2021-06-21T10:15:09.384 INF source/firewall/incoming_firewall_noop.go:32 > Rules bootstrap was requested
2021-06-21T10:15:09.384 DBG source/config/config.go:187              > Returning CLI value usermode:true
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: testnet2-broker.mysterium.network -> [95.216.204.232]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: testnet2-transactor.mysterium.network -> [135.181.82.67]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: badupnp.benjojo.co.uk -> [104.22.70.70 104.22.71.70 172.67.25.154]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: testnet2-quality.mysterium.network -> [116.202.100.246]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: feedback.mysterium.network -> [116.203.17.150]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: api.ipify.org -> [54.204.14.42 54.225.153.147 54.235.83.248 54.243.161.145 23.21.109.69 23.21.126.66 50.19.252.36 174.129.214.20]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: testnet2-pilvytis.mysterium.network -> [195.201.220.36]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: testnet2-api.mysterium.network -> [78.47.55.197]
2021-06-21T10:15:09.385 INF source/cmd/di.go:613                     > Using local DNS: testnet2-trust.mysterium.network -> [95.216.204.232]
2021-06-21T10:15:09.386 INF source/cmd/di.go:613                     > Using local DNS: testnet2-location.mysterium.network -> [95.216.204.232]
2021-06-21T10:15:09.386 DBG source/communication/nats/connector.go:78 > Connecting to NATS servers: [nats://testnet2-broker.mysterium.network:4222]
2021-06-21T10:15:09.386 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL nats://testnet2-broker.mysterium.network:4222 access
2021-06-21T10:15:09.386 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL nats://testnet2-broker.mysterium.network:4222 access
2021-06-21T10:15:09.386 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL nats://95.216.204.232:4222 access
2021-06-21T10:15:11.116 INF source/cmd/di.go:637                     > Using Eth endpoint: wss://goerli.infura.io/ws/v3/c2c7da73fcc84ec5885a7bb0eb3c3637
2021-06-21T10:15:12.228 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL wss://goerli.infura.io/ws/v3/c2c7da73fcc84ec5885a7bb0eb3c3637 access
2021-06-21T10:15:12.228 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL https://testnet2-ndiscovery.mysterium.network/api/v3 access
2021-06-21T10:15:12.228 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL https://testnet2-transactor.mysterium.network/api/v1 access
2021-06-21T10:15:12.228 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL https://testnet2-hermes.mysterium.network/api/v2 access
2021-06-21T10:15:12.229 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL https://testnet2-pilvytis.mysterium.network/api/v1 access
2021-06-21T10:15:12.229 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL wss://goerli.infura.io/ws/v3/c2c7da73fcc84ec5885a7bb0eb3c3637 access
2021-06-21T10:15:12.229 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL https://testnet2-ndiscovery.mysterium.network/api/v3 access
2021-06-21T10:15:12.230 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL https://testnet2-transactor.mysterium.network/api/v1 access
2021-06-21T10:15:12.230 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL https://testnet2-hermes.mysterium.network/api/v2 access
2021-06-21T10:15:12.230 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL https://testnet2-pilvytis.mysterium.network/api/v1 access
2021-06-21T10:15:12.230 DBG source/config/config.go:196              > Returning default value keep-connected-on-fail:false
2021-06-21T10:15:12.230 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL https://testnet2-location.mysterium.network/api/v1/location access
2021-06-21T10:15:12.230 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL https://testnet2-location.mysterium.network/api/v1/location access
2021-06-21T10:15:12.231 DBG source/config/config.go:196              > Returning default value keep-connected-on-fail:false
2021-06-21T10:15:12.231 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL https://testnet2-location.mysterium.network/api/v1/location access
2021-06-21T10:15:12.231 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL https://testnet2-location.mysterium.network/api/v1/location access
2021-06-21T10:15:12.231 DBG source/config/config.go:196              > Returning default value keep-connected-on-fail:false
2021-06-21T10:15:12.231 DBG source/cmd/di.go:683                     > Using lightweight keystore
2021-06-21T10:15:12.233 DBG source/config/config.go:196              > Returning default value data-dir:/Users/tadas/.mysterium
2021-06-21T10:15:12.233 DBG source/config/config.go:196              > Returning default value mmn.api-address:https://my.mysterium.network/api/v1
2021-06-21T10:15:12.233 DBG source/cmd/di.go:823                     > Experimental NAT punching enabled, creating a pinger
2021-06-21T10:15:12.233 DBG source/config/config.go:196              > Returning default value nat-port-mapping:true
2021-06-21T10:15:12.233 DBG source/cmd/di_desktop.go:52              > Skipping services bootstrap for consumer mode
2021-06-21T10:15:12.233 INF source/firewall/outgoing_firewall_noop.go:57 > Allow URL https://testnet2-quality.mysterium.network/api/v2 access
2021-06-21T10:15:12.233 INF source/firewall/incoming_firewall_noop.go:53 > Allow URL https://testnet2-quality.mysterium.network/api/v2 access
2021-06-21T10:15:12.234 DBG source/config/config.go:196              > Returning default value keep-connected-on-fail:false
2021-06-21T10:15:12.234 DBG source/cmd/di_desktop.go:180             > Skipping hermes promise settler for consumer mode
2021-06-21T10:15:12.234 DBG source/cmd/di_desktop.go:152             > Skipping provider registrar for consumer mode
2021-06-21T10:15:12.234 INF source/feedback/reporter.go:40           > Using feedback API at: https://feedback.mysterium.network
2021-06-21T10:15:12.234 DBG source/config/config.go:196              > Returning default value access-policy.address:https://testnet2-trust.mysterium.network/api/v1/access-policies/
2021-06-21T10:15:12.235 DBG source/config/config.go:196              > Returning default value pprof.enable:false
2021-06-21T10:15:12.235 INF source/pilvytis/order_status_tracker.go:102 > Tracking order statuses...
2021-06-21T10:15:12.235 INF source/tequilapi/http_api_server.go:77   > API started on: 127.0.0.1:44050
2021-06-21T10:15:12.235 INF source/firewall/outgoing_firewall_noop.go:48 > Allow IP 239.255.255.250 access
2021-06-21T10:15:12.235 DBG source/ui/noop/noop.go:35                > Start: NOOP UI server
2021-06-21T10:15:12.235 DBG source/sleep/sleep_darwin.go:34          > Register for sleep events
2021-06-21T10:15:12.235 DBG source/eventbus/event_bus.go:81          > Published topic="Node" event={Status:Started}
2021-06-21T10:15:12.236 DBG source/core/ip/cached_resolver.go:59     > Outbound IP cache is empty, fetching IP
2021-06-21T10:15:12.236 DBG source/core/ip/cached_resolver.go:79     > Public IP cache is empty, fetching IP
2021-06-21T10:15:12.237 DBG source/config/config.go:196              > Returning default value chain-id:5
2021-06-21T10:15:12.238 DBG source/identity/registry/registry_contract.go:144 > event received {Started}
2021-06-21T10:15:12.238 INF source/identity/registry/registry_contract.go:320 > Starting registry...
2021-06-21T10:15:12.238 DBG source/identity/registry/registry_contract.go:331 > Loading initial state
2021-06-21T10:15:12.239 DBG source/identity/registry/registry_contract.go:346 > Identity {"0xab5642ee8842e824bb12ddfa76a0fc30be355797"} already registered, skipping
2021-06-21T10:15:12.239 DBG source/core/location/oracle_resolver.go:64 > Detecting with oracle resolver
2021-06-21T10:15:12.239 DBG source/core/ip/cached_resolver.go:55     > Found cached outbound IP
2021-06-21T10:15:12.315 DBG source/core/discovery/repository.go:63   > Retrieving proposals from 1 repositories filter={"AccessPolicy":"","AccessPolicySource":"","CompatibilityMax":0,"CompatibilityMin":0,"ExcludeUnsupported":true,"IPType":"residential","LocationCountry":"","PriceGiBMax":250000000000000000,"PriceHourMax":5400000000000000,"ProviderID":"","QualityMin":1,"ServiceType":"wireguard"}
2021-06-21T10:15:12.406 ERR source/core/ip/resolver.go:101           > could not reach location service, will use fallbacks error="Get https://testnet2-location.mysterium.network/api/v1/location: x509: certificate signed by unknown authority"
2021-06-21T10:15:12.406 WRN source/core/location/cache.go:121        > Failed to detect original location error="failed to execute request: Get https://testnet2-location.mysterium.network/api/v1/location: x509: certificate signed by unknown authority"
2021-06-21T10:15:12.412 DBG source/config/config.go:196              > Returning default value chain-id:5
2021-06-21T10:15:12.421 ERR source/core/discovery/repository.go:93   > Returning 0 unique proposals error="ErrorCollection: cannot fetch proposals: Get https://testnet2-ndiscovery.mysterium.network/api/v3/proposals?ip_type=residential&price_gib_max=250000000000000000&price_hour_max=5400000000000000&quality_min=1.00&service_type=wireguard: x509: certificate signed by unknown authority"
2021-06-21T10:15:12.423 DBG source/config/config.go:196              > Returning default value chain-id:5
2021-06-21T10:15:12.494 INF source/cmd/di.go:283                     > Mysterium node started!
2021-06-21T10:15:12.518 DBG source/identity/manager.go:156           > Caching unlocked address: 0xab5642ee8842e824bb12ddfa76a0fc30be355797
2021-06-21T10:15:12.519 DBG source/identity/manager.go:143           > Unlocked identity found in cache, skipping keystore: 0xab5642ee8842e824bb12ddfa76a0fc30be355797
2021-06-21T10:15:12.519 DBG source/eventbus/event_bus.go:81          > Published topic="identity-unlocked" event={ChainID:5 ID:{Address:0xab5642ee8842e824bb12ddfa76a0fc30be355797}}
2021-06-21T10:15:12.519 DBG source/config/config.go:196              > Returning default value resident-country:<nil>
2021-06-21T10:15:12.519 DBG source/eventbus/event_bus.go:81          > Published topic="resident-country" event={ID:0xab5642ee8842e824bb12ddfa76a0fc30be355797 Country:}
2021-06-21T10:15:14.337 INF source/nat/upnp/discover.go:58           > UPnP gateways detected: 0
2021-06-21T10:15:20.089 INF source/session/pingpong/hermes_channel_repository.go:274 > Loaded state for provider {"0xab5642ee8842e824bb12ddfa76a0fc30be355797"}, hermesID "0xD5d2f5729D4581dfacEBedF46C7014DeFda43585": balance 0, available balance 0, unsettled balance 504567758014

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 2 years ago

This issue has been automatically closed because it has not had activity for a long time. If this issue is still valid, please ping a maintainer and ask them to label it as "pinned". Thank you for your contributions.

tadaskay commented 1 year ago

tail -f ~/.mysterium/logs/mysterium-node.log
2023-06-15T09:52:35.385 INF source/cmd/di.go:513                     > Node chain id 137
2023-06-15T09:52:35.669 ERR source/session/pingpong/hermes_url_getter.go:102 > failed to get hermes url from blockchain, using fallback error="Post \"https://polygon1.mysterium.network/\": x509: “polygon1.mysterium.network” certificate is not trusted" chain_id=137 hermes_id=0x80Ed28d84792d8b153bf2F25F0C4B7a1381dE4ab
2023-06-15T09:52:35.905 DBG source/firewall/outgoing_firewall_noop.go:61 > Rule for URL: nats://broker.mysterium.network:4222 removed
2023-06-15T09:52:35.905 DBG source/firewall/outgoing_firewall_noop.go:61 > Rule for URL: nats://broker.mysterium.network:4222 removed
2023-06-15T09:52:35.905 DBG source/firewall/outgoing_firewall_noop.go:61 > Rule for URL: nats://51.15.116.186:4222 removed
2023-06-15T09:52:35.905 DBG source/firewall/outgoing_firewall_noop.go:61 > Rule for URL: nats://51.15.72.87:4222 removed
2023-06-15T09:52:35.905 INF source/firewall/incoming_firewall_noop.go:38 > Rules reset was requested
2023-06-15T09:52:35.905 INF source/firewall/outgoing_firewall_noop.go:35 > Rules reset was requested
2023-06-15T09:52:35.905 DBG source/config/config.go:216              > Returning CLI value usermode:true
2023-06-15T09:52:35.905 ERR source/cmd/mysterium_node/mysterium_node.go:68 > Failed to execute command:  error="could not get hermes URL: Get \"https://observer.mysterium.network/api/v1/observed/hermes\": x509: “observer.mysterium.network” certificate is not trusted"

tadaskay commented 1 year ago

Still valid

mysteriumnetwork / node

Ability to start the node under insecure wifi #3522