Can't connect to cloud when trying to claim node

nedludd · December 5, 2022, 3:52pm

Node claiming fails with a problem connecting to app.netdata.cloud.

Failed to connect to https://app.netdata.cloud, return code 60
Connection attempt 1 failed. Retry in 1s.
Failed to connect to https://app.netdata.cloud, return code 60
Connection attempt 2 failed. Retry in 2s.
Failed to connect to https://app.netdata.cloud, return code 60
Connection attempt 3 failed. Retry in 3s.

The node is on Linode and from there I cannot ping app.netdata.cloud and a traceroute hangs up on an akamai node. Perhaps this is normal ICMP blocking for security.

The netdata clound is an AWS ingress point:

❯ dig app.netdata.cloud     
main-ingress-545609a41fcaf5d6.elb.us-east-1.amazonaws.com.
54.198.178.11
44.207.131.212
44.196.50.41

And if I tshark the connection I do see an expired certificate alert. Could that be the problem?

338 9.957636811 172.105.152.168 → 44.196.50.41 TLSv1.2 73 Alert (Level: Fatal, Description: Certificate Expired)

nedludd · December 5, 2022, 3:54pm

Ah wait, maybe it’s a certificate problem on the NODE side! This is a node that for for idiotic reasons has not been updated in a while.

Mateusz_Bularz · December 5, 2022, 7:18pm

Hey!
You are not alone with this problem. Problem is that ~middle 2021, Let’s Encrypt changed their certificate chain. Because of that many systems that are not updated often enough faced the problem of not trusting our current certificate. Your machine does not trust us because path of certification is not trusted for it.

But just to be sure I checked our app.netdata.cloud and it looks healthy:

openssl s_client -connect app.netdata.cloud:443 | openssl x509 -noout -dates
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = app.netdata.cloud
verify return:1
notBefore=Oct 19 06:50:32 2022 GMT
notAfter=Jan 17 06:50:31 2023 GMT

Have a nice day
Mat

hugo · December 6, 2022, 9:22am

Hi,

Thanks for confirming that is the issue @Mateusz_Bularz. We actually have a thread on the forum about that, so @nedludd please check this thread Certificate verification error connecting to the cloud

Hope you get it sorted out.

Regards,
Hugo

Topic		Replies	Views
Unable to claim node. error is: Failed to connect to https://app.netdata.cloud, return code 60 Help cloud	7	1148	March 24, 2023
Error (return code) 60 when trying to claim code when trying to connect node with cloud service Help cloud-ui , claiming , agent	1	2387	October 14, 2021
Issues installing Netdata on servers Help agent , cloud , installation , node-claiming	7	1991	July 14, 2022
Claiming a new node fails Help cloud	0	476	February 18, 2022
Cannot move node Help agent-installation , cloud-ui , agent	13	1601	July 7, 2021

Can't connect to cloud when trying to claim node

Related topics