0x55555555
commented
3 years ago Hi @apolionman,
What version have you updated to and what port/tls option are you using?
For more modern versions of minknow tls is required for connection
Thanks,
- George
Closed apolionman closed 3 years ago
0x55555555
commented
3 years ago Hi @apolionman,
What version have you updated to and what port/tls option are you using?
For more modern versions of minknow tls is required for connection
Thanks,
apolionman
commented
3 years ago Hi @jorj1988 ,
its MinKNOW version 21.02.7 and we are using port 9501
Thank you.
0x55555555
commented
3 years ago If you dont specify a port, but instead set use_tls to True, the api will select a port automatically (9502 for tls).
With the default configuration of minknow, port 9501 is no longer available remotely.
apolionman
commented
3 years ago Set it to true and received this error "minknow_api.MissingMinknowSSlCertError: Couldn't find a valid path to MinKNOW's CA SSL certificate to initiate a secure connection"
0x55555555
commented
3 years ago Apologies, if you arent using the minknow python environment you need to specify the path to the minknow CA cert in the environment variable: MINKNOW_TRUSTED_CA, eg:
os.environ['MINKNOW_TRUSTED_CA'] = "/opt/ont/minknow/conf/rpc-certs/ca.crt"and copy that file from your sequencing host.
apolionman
commented
3 years ago Thanks a lot @jorj1988 , it is working now.
output data: Position not in Use = 10 Currently Running = 38
Process finished with exit code 0
JensUweUlrich
commented
3 years ago Hi George,
just to make sure, that I understood it correctly. If I want to establish a connection from a local machine to MinKNOW on a remote machine, I only need to copy the ca.crt file from "rpc-certs" folder of the remote machine to my local machine. Then I use this certificate as root-certificate in the grpc::SSLCredentialsOptions in order to establish a secure channel connection? Intuitively I would guess, that I need to create a client certificate with openssl on my local machine by using the ca.crt file.
Best regards Jens
0x55555555
commented
3 years ago Hi Jens,
When you set the environment variable as above: os.environ['MINKNOW_TRUSTED_CA'] = "/opt/ont/minknow/conf/rpc-certs/ca.crt"
The MinKNOW api will pick this up and construct the correct grpc authorisation backend for you. You dont need to use grpc::SSLCredentialsOptions or work with openssl.
The server uses a certificate signed by ca.crt to serve, so you only need to tell your local python to trust the MinKNOW CA.
Hi!
we are developing a dashboard which shows the status of all our promethion 48 machines, it was working before but unfortunately after the MinKnow update it shows this error.
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with: status = StatusCode.UNAVAILABLE details = "failed to connect to all addresses" debug_error_string = "{"created":"@1617778828.410866000","description":"Failed to pick subchannel","file":"src/core/ext/filters/client_channel/client_channel.cc","file_line":5397,"referenced_errors":[{"created":"@1617778828.410862000","description":"failed to connect to all addresses","file":"src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc","file_line":398,"grpc_status":14}]}"