Can't connect to my node via Sakia. I have two Yunohost servers

Folaht · 8 November 2017 17:55

Setup

Server A

Raspberry Pi 3
- Debian/Yunohost
  - Nextcloud (443)
    - CalDAV (443)
    - CardDAV (443)
  - Zerobin (443)
  - Cesium (443)

Server B

Raspberry Pi 2 (will upgrade this month)
- Debian/Yunohost
  - Duniter (443)
- LAN IP: 192.168.178.10

Client Computer

Desktop
- Arch Linux
  - Sakia

Router

Port forwarding

Server A
- 80
- 443

This means that I cannot access Server B on port 80 and 443.

It result into this error when I try to access https://duniter-folatt.nohost.me/webui:

Your connection is not secure

The owner of duniter-folatt.nohost.me has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox may only connect to it securely. As a result, it is not possible to add an exception for this certificate.

And for running sakia:

[me@Main-computer sakia]$ sakia --currency=Guilder-Test
Error connecting to the network : Error : No peer answered in  community (0 peers available)

So what to do?
I’ve tried changing port 443 to port 44344 on server B, but I’ve been told that either Yunohost or Duniter or both have port 443 hardcoded into their software.

My current configuration

Personal server (Server A)

Domains of Server A (Withheld and renamed to domain-a.tld for privacy)

admin@YunoHost:~ $ sudo yunohost domain list
domains: domain-a.tld

/etc/nginx/conf.d/domain-a.tld.conf

server {
    listen 80;
    listen [::]:80;
    server_name domain-a.tld;

    access_by_lua_file /usr/share/ssowat/access.lua;

    include conf.d/domain-a.tld.d/*.conf;

    location /yunohost/admin {
        return 301 https://$http_host$request_uri;
    }

    access_log /var/log/nginx/domain-a.tld-access.log;
    error_log /var/log/nginx/domain-a.tld-error.log;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name domain-a.tld;

    ssl_certificate /etc/yunohost/certs/domain-a.tld/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/domain-a.tld/key.pem;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;

    ssl_prefer_server_ciphers on;

    # Ciphers with intermediate compatibility
    # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=intermediate
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-S$

    # Ciphers with modern compatibility
    # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=modern
    # Uncomment the following to use modern ciphers, but remove compatibility with some old clients (android < 5.0, Internet Explorer < 10, ...)
    #ssl_protocols TLSv1.2;
    #ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-$

    # Uncomment the following directive after DH generation
    # > openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
    #ssl_dhparam /etc/ssl/private/dh2048.pem;

    add_header Strict-Transport-Security "max-age=31536000;";

    access_by_lua_file /usr/share/ssowat/access.lua;

    include conf.d/domain-a.tld.d/*.conf;

    include conf.d/yunohost_admin.conf.inc;
    include conf.d/yunohost_api.conf.inc;

    access_log /var/log/nginx/domain-a.tld-access.log;
    error_log /var/log/nginx/domain-a.tld-error.log;
}

/etc/nginx.conf.d/domain-a.tld.d/duniter.conf

location / {
       proxy_set_header        X-Real-IP       $remote_addr;
       proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header        Host            $http_host;
       proxy_set_header        X-NginX-Proxy  true;

       proxy_pass             http://192.168.178.10:10901;
       proxy_redirect          off;

       # Socket.io support
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "upgrade";
       proxy_read_timeout 86400s; 
       proxy_send_timeout 86400s;

	location ~ \.(js|css|woff|woff2|ttf|png) {
		proxy_pass http://192.168.178.10:9220;
		access_by_lua_file /usr/share/ssowat/access.lua;
	}
	
	location /cesium {
		proxy_pass http://192.168.178.10:9220;
		access_by_lua_file /usr/share/ssowat/access.lua;
		# Include SSOWAT user panel.
		include conf.d/yunohost_panel.conf.inc;
	}

	location /webui {
		proxy_pass http://192.168.178.10:9220/;
		access_by_lua_file /usr/share/ssowat/access.lua;
		# Include SSOWAT user panel.
		include conf.d/yunohost_panel.conf.inc;
	}

	location ~ /webmin {
		proxy_pass http://192.168.178.10:9220$uri;
		access_by_lua_file /usr/share/ssowat/access.lua;
	}
	
	location ~ /modules {
		proxy_pass http://192.168.178.10:9220;
		access_by_lua_file /usr/share/ssowat/access.lua;
	}

}

Duniter server (Server B)

Domains of Server B

admin@Xroklaus:~ $ sudo yunohost domain list
domains: duniter-folatt.nohost.me

/etc/nginx/conf.d/duniter-folatt.nohost.me.d/duniter.conf

location / {
       proxy_set_header        X-Real-IP       $remote_addr;
       proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header        Host            $http_host;
       proxy_set_header        X-NginX-Proxy  true;

       proxy_pass             http://127.0.0.1:10901;
       proxy_redirect          off;

       # Socket.io support
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "upgrade";
       proxy_read_timeout 86400s; 
       proxy_send_timeout 86400s;

	location ~ \.(js|css|woff|woff2|ttf|png) {
		proxy_pass http://localhost:9220;
		access_by_lua_file /usr/share/ssowat/access.lua;
	}
	
	location /cesium {
		proxy_pass http://localhost:9220;
		access_by_lua_file /usr/share/ssowat/access.lua;
		# Include SSOWAT user panel.
		include conf.d/yunohost_panel.conf.inc;
	}

	location /webui {
		proxy_pass http://localhost:9220/;
		access_by_lua_file /usr/share/ssowat/access.lua;
		# Include SSOWAT user panel.
		include conf.d/yunohost_panel.conf.inc;
	}

	location ~ /webmin {
		proxy_pass http://localhost:9220$uri;
		access_by_lua_file /usr/share/ssowat/access.lua;
	}
	
	location ~ /modules {
		proxy_pass http://localhost:9220;
		access_by_lua_file /usr/share/ssowat/access.lua;
	}

}

/etc/nginx/conf.d/duniter-folatt.nohost.me.conf

server {
    listen 80;
    listen [::]:80;
    server_name duniter-folatt.nohost.me;

    access_by_lua_file /usr/share/ssowat/access.lua;

    include conf.d/duniter-folatt.nohost.me.d/*.conf;

    location /yunohost/admin {
        return 301 https://$http_host$request_uri;
    }

    access_log /var/log/nginx/duniter-folatt.nohost.me-access.log;
    error_log /var/log/nginx/duniter-folatt.nohost.me-error.log;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name duniter-folatt.nohost.me;

    ssl_certificate /etc/yunohost/certs/duniter-folatt.nohost.me/crt.pem;
    ssl_certificate_key /etc/yunohost/certs/duniter-folatt.nohost.me/key.pem;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;

    ssl_prefer_server_ciphers on;

    # Ciphers with intermediate compatibility
    # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=intermediate
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';

    # Ciphers with modern compatibility
    # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.6.2&openssl=1.0.1t&hsts=yes&profile=modern
    # Uncomment the following to use modern ciphers, but remove compatibility with some old clients (android < 5.0, Internet Explorer < 10, ...)
    #ssl_protocols TLSv1.2;
    #ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';

    # Uncomment the following directive after DH generation
    # > openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
    #ssl_dhparam /etc/ssl/private/dh2048.pem;

    add_header Strict-Transport-Security "max-age=31536000;";

    access_by_lua_file /usr/share/ssowat/access.lua;

    include conf.d/duniter-folatt.nohost.me.d/*.conf;

    include conf.d/yunohost_admin.conf.inc;
    include conf.d/yunohost_api.conf.inc;

    access_log /var/log/nginx/duniter-folatt.nohost.me-access.log;
    error_log /var/log/nginx/duniter-folatt.nohost.me-error.log;
}

~/.config/duniter/duniter_default/conf.json

{
 "currency": "Guilder-Test",
 "endpoints": [
  "BMAS duniter-folatt.nohost.me 443"
 ],
 "rmEndpoints": [],
 "upInterval": 3600000,
 "c": "0.000054218",
 "dt": "86400",
 "dtReeval": 2629800,
 "ud0": "100",
 "stepMax": 3,
 "sigPeriod": "0",
 "sigValidity": 31536000,
 "msValidity": 31536000,
 "sigQty": "3",
 "xpercent": 0.9,
 "percentRot": 0.6666666666666666,
 "powDelay": "1200",
 "avgGenTime": 960,
 "dtDiffEval": 10,
 "medianTimeBlocks": 20,
 "httplogs": false,
 "udid2": false,
 "timeout": 3000,
 "isolate": false,
 "forksize": 100,
 "switchOnHeadAdvance": 3,
 "sync": {},
 "port": 10901,
 "msPeriod": 604800,
 "loglevel": "info",
 "cpu": 0.6,
 "ipv4": "192.168.178.10",
 "remotehost": "duniter-folatt.nohost.me",
 "remoteport": "443",
 "upnp": false,
 "dos": {
  "whitelist": [
   "127.0.0.1"
  ],
  "maxcount": 50,
  "burst": 20,
  "limit": 40,
  "maxexpiry": 10,
  "checkinterval": 1,
  "trustProxy": true,
  "includeUserAgent": true,
  "errormessage": "Error",
  "testmode": false,
  "silent": false,
  "silentStart": false,
  "responseStatus": 429
 },
 "sigStock": "300000",
 "sigWindow": 604800,
 "idtyWindow": 604800,
 "msWindow": 604800,
 "rootoffset": 0,
 "remoteipv6": "2001:983:8610:1:15e7:898b:aac8:6eff",
 "ipv6": "2001:983:8610:1:15e7:898b:aac8:6eff",
 "remoteipv4": "83.163.103.119"
}

Client Computer

/opt/sakia/root_servers.yml

Guilder-Test:
  display: European Basic Guilder Test 
  nodes:
    AbE4R2fg4hmf6FPYuSuxx9MC9abnSMaPPenoYp8kHsf6:
    - "BMAS folatt-duniter.nohost.me 443"

Folaht · 12 November 2017 09:38

Even when porting, I still can’t connect to the network via sakia.

So while https://duniter-folatt.nohost.me/webui works with porting, sakia still doesn’t.

Moul · 12 November 2017 13:11

IPv4 and NAT (Network Address Translation) are the limitations you encounter.
If you can assign global IPv6 to your machines, you may have solve you problem!
That’s it!

Folaht · 13 November 2017 06:58

This does not work either. I’m still receiving the same error.

Guilder-Test:
  display: European Basic Guilder Test 
  nodes:
    4pDRn4BZqedUXQq2bvnrrJJeBhisZQjs9uq9BTMDQnaq:
    - "BMAS 2001:983:8610:1:653f:a26b:37d6:a707 443"

[me@Main-computer sakia]$ sakia --currency=Guilder-Test
Error connecting to the network : Error : No peer answered in  community (0 peers available)

Inso · 13 November 2017 07:51

Can you run in debug and look at the error messages ? ( sakia -d

Also, remove your file guilder-test.db from .config/sakia/Default Profile before running again. It will force sakia to rediscover your nodes.

stephane · 13 November 2017 07:51

Perhaps it’s missing the opening of ports. In your nginx server .conf file you listen 80 and 443 ports only but certainly Sakia tries to connect at on other ports (like 9220, 10901, etc)

Inso · 13 November 2017 07:55

Sakia a connects to the port in the endpoint data, ie, what @Folaht defined in the root_servers.yml. If he can access it by his browser, sakia should be able to do it too. But once a node failed to be requested, it his forgotten for some time… That’s why I suggest to try to force sakia to rediscover his node.

Folaht · 13 November 2017 16:54

Looks like I have certificate issues.

[me@Main-computer sakia]$ sakia -d --currency=Guilder-Test
...
DEBUG:meta:prepare:Initializing meta database
DEBUG:meta:upgrade_database:Begin upgrade of database...
DEBUG:meta:upgrade_database:Upgrading to version 0...
DEBUG:meta:create_all_tables:Initialiazing all databases
DEBUG:meta:upgrade_database:Upgrading to version 1...
DEBUG:meta:add_ud_rythm_parameters:Add ud rythm parameters to blockchains table
DEBUG:meta:upgrade_database:Upgrading to version 2...
DEBUG:meta:add_contacts:Add contacts table
DEBUG:meta:upgrade_database:Upgrading to version 3...
DEBUG:meta:add_sentry_property:Add sentry property
DEBUG:meta:upgrade_database:Upgrading to version 4...
DEBUG:meta:add_last_state_change_property:Add last state change property
DEBUG:meta:upgrade_database:Upgrading to version 5...
DEBUG:meta:refactor_transactions:Refactor transactions
DEBUG:meta:upgrade_database:End upgrade of database...
DEBUG:network:add_connector:4pDRn connected
DEBUG:node:connect_current_block:[4pDRn] Cannot connect to host 2001:983:8610:1:653f:a26b:37d6:a707:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)] : 4pDRn
DEBUG:node:change_state_and_emit:[4pDRn] Changing state 1 > 2
DEBUG:node:connect_peers:[4pDRn] Cannot connect to host 2001:983:8610:1:653f:a26b:37d6:a707:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:node:connect_current_block:[4pDRn] Cannot connect to host 2001:983:8610:1:653f:a26b:37d6:a707:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)] : 4pDRn
DEBUG:node:safe_request:[4pDRn] Cannot connect to host 2001:983:8610:1:653f:a26b:37d6:a707:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:node:request_peers:[4pDRn] Could not connect to any BMA endpoint
DEBUG:node:connect_peers:[4pDRn] Cannot connect to host 2001:983:8610:1:653f:a26b:37d6:a707:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:blockchain:initialize_blockchain:Requesting blockchain parameters
DEBUG:network:stop_coroutines:Start closing
DEBUG:network:stop_coroutines:Closing 1 websockets
DEBUG:network:stop_coroutines:Closed
ERROR:quamash._QEventLoop:Task was destroyed but it is pending!
task: <Task pending coro=<NetworkService.discovery_loop() running at sakia/services/network.py:179> wait_for=<Future pending cb=[Task._wakeup()]>>
[17877] LOADER: Back to parent (RC: 0)
[17877] LOADER: Doing cleanup
[17877] LOADER: Freeing archive status for /opt/sakia/sakia.bin

Inso · 13 November 2017 16:57

If it is a self signed certificate, sakia does not trust it by default… You have to add it to your system trusted certificates.

Folaht · 13 November 2017 16:58

Aren’t certificates for domains? I’m trying to connect to the ipv6 address with sakia.

admin@Xroklaus:~ $ sudo yunohost domain cert-status
certificates: 
  duniter-folatt.nohost.me: 
    CA_type: Let's Encrypt
    summary: Great!
    validity: 88

Inso · 13 November 2017 16:59

Maybe let’s encrypt certificates are not trusted system wide then !

Folaht · 14 November 2017 07:21

no, it’s because ip addresses don’t <sarcasm.>need</sarcasm.> certificates.

grumble grumble

Folaht · 15 November 2017 14:30

Ignore what I said earlier in this post.
I still had the ipv6 settings in cache.

The real new result is similar:

[me@Main-Computer sakia]$ sakia -d --currency=Guilder-Test
[11646] PyInstaller Bootloader 3.x
[11646] LOADER: executable is /opt/sakia/sakia.bin
[11646] LOADER: homepath is /opt/sakia
[11646] LOADER: _MEIPASS2 is NULL
[11646] LOADER: archivename is /opt/sakia/sakia.bin
[11646] LOADER: Extracting binaries
[11646] LOADER: Executing self as child
[11646] LOADER: set _MEIPASS2 to /opt/sakia
[11646] LOADER: LD_LIBRARY_PATH=/opt/sakia
[11647] PyInstaller Bootloader 3.x
[11647] LOADER: executable is /opt/sakia/sakia.bin
[11647] LOADER: homepath is /opt/sakia
[11647] LOADER: _MEIPASS2 is /opt/sakia
[11647] LOADER: archivename is /opt/sakia/sakia.bin
[11647] LOADER: Already in the child - running user's code.
[11647] LOADER: Python library: /opt/sakia/libpython3.5m.so.1.0
[11647] LOADER: Loaded functions from Python library.
[11647] LOADER: Manipulating environment (sys.path, sys.prefix)
[11647] LOADER: Pre-init sys.path is /opt/sakia/base_library.zip:/opt/sakia
[11647] LOADER: sys.prefix is /opt/sakia
[11647] LOADER: Setting runtime options
[11647] LOADER: Initializing python
[11647] LOADER: Overriding Python's sys.path
[11647] LOADER: Post-init sys.path is /opt/sakia/base_library.zip:/opt/sakia
[11647] LOADER: Setting sys.argv
[11647] LOADER: setting sys._MEIPASS
[11647] LOADER: importing modules from CArchive
[11647] LOADER: extracted struct
[11647] LOADER: callfunction returned...
[11647] LOADER: extracted pyimod01_os_path
[11647] LOADER: callfunction returned...
[11647] LOADER: extracted pyimod02_archive
[11647] LOADER: callfunction returned...
[11647] LOADER: extracted pyimod03_importers
[11647] LOADER: callfunction returned...
[11647] LOADER: Installing PYZ archive with Python modules.
[11647] LOADER: PYZ archive: out00-PYZ.pyz
[11647] LOADER: Running pyiboot01_bootstrap.py
[11647] LOADER: Running pyi_rth_qt5.py
[11647] LOADER: Running pyi_rth_multiprocessing.py
[11647] LOADER: Running pyi_rth_pkgres.py
[11647] LOADER: Running main.py
DEBUG:meta:prepare:Initializing meta database
DEBUG:meta:upgrade_database:Begin upgrade of database...
DEBUG:meta:upgrade_database:Upgrading to version 0...
DEBUG:meta:create_all_tables:Initialiazing all databases
DEBUG:meta:upgrade_database:Upgrading to version 1...
DEBUG:meta:add_ud_rythm_parameters:Add ud rythm parameters to blockchains table
DEBUG:meta:upgrade_database:Upgrading to version 2...
DEBUG:meta:add_contacts:Add contacts table
DEBUG:meta:upgrade_database:Upgrading to version 3...
DEBUG:meta:add_sentry_property:Add sentry property
DEBUG:meta:upgrade_database:Upgrading to version 4...
DEBUG:meta:add_last_state_change_property:Add last state change property
DEBUG:meta:upgrade_database:Upgrading to version 5...
DEBUG:meta:refactor_transactions:Refactor transactions
DEBUG:meta:upgrade_database:End upgrade of database...
DEBUG:network:add_connector:AbE4R connected
DEBUG:blockchain:initialize_blockchain:Requesting blockchain parameters
DEBUG:bma:verified_get:Requesting parameters on endpoint BMAS duniter-folatt.nohost.me 443
DEBUG:node:connect_current_block:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)] : AbE4R
DEBUG:node:change_state_and_emit:[AbE4R] Changing state 1 > 2
DEBUG:node:safe_request:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:node:request_peers:[AbE4R] Could not connect to any BMA endpoint
DEBUG:node:connect_peers:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:bma:verified_get:Exception in responses : Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:node:connect_current_block:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)] : AbE4R
DEBUG:node:connect_peers:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:node:connect_current_block:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)] : AbE4R
DEBUG:node:connect_peers:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]
DEBUG:node:connect_current_block:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)] : AbE4R
DEBUG:node:connect_peers:[AbE4R] Cannot connect to host duniter-folatt.nohost.me:443 ssl:True [[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)]

Error connecting to the network : Error : No peer answered in  community (1 peers available)

I’m confused if this means Server B is found, or that Server A is found, which is not running Duniter. How can I verify this?

Folaht · 15 November 2017 14:49

Okay, I’m beginning to think I need to have the domain name connect to ipv6 only.

Inso · 15 November 2017 14:55

What is your Server A ?

The error means that it found one potential server in its list (duniter-folatt.nohost.me), but that it failed to connect to it.

Folaht · 15 November 2017 14:58

Server A is my Yunohost mail/chat/cloud server.
Server B is my Yunohost Duniter server.

I almost got it I think.

[update]

Yatta!! It’s now connecting to Server B via ipv6.

I’m still getting an error though.

[me@Main-Computer sakia]$ sakia -d --currency=Guilder-Test
[11799] PyInstaller Bootloader 3.x
[11799] LOADER: executable is /opt/sakia/sakia.bin
[11799] LOADER: homepath is /opt/sakia
[11799] LOADER: _MEIPASS2 is NULL
[11799] LOADER: archivename is /opt/sakia/sakia.bin
[11799] LOADER: Extracting binaries
[11799] LOADER: Executing self as child
[11799] LOADER: set _MEIPASS2 to /opt/sakia
[11799] LOADER: LD_LIBRARY_PATH=/opt/sakia
[11800] PyInstaller Bootloader 3.x
[11800] LOADER: executable is /opt/sakia/sakia.bin
[11800] LOADER: homepath is /opt/sakia
[11800] LOADER: _MEIPASS2 is /opt/sakia
[11800] LOADER: archivename is /opt/sakia/sakia.bin
[11800] LOADER: Already in the child - running user's code.
[11800] LOADER: Python library: /opt/sakia/libpython3.5m.so.1.0
[11800] LOADER: Loaded functions from Python library.
[11800] LOADER: Manipulating environment (sys.path, sys.prefix)
[11800] LOADER: Pre-init sys.path is /opt/sakia/base_library.zip:/opt/sakia
[11800] LOADER: sys.prefix is /opt/sakia
[11800] LOADER: Setting runtime options
[11800] LOADER: Initializing python
[11800] LOADER: Overriding Python's sys.path
[11800] LOADER: Post-init sys.path is /opt/sakia/base_library.zip:/opt/sakia
[11800] LOADER: Setting sys.argv
[11800] LOADER: setting sys._MEIPASS
[11800] LOADER: importing modules from CArchive
[11800] LOADER: extracted struct
[11800] LOADER: callfunction returned...
[11800] LOADER: extracted pyimod01_os_path
[11800] LOADER: callfunction returned...
[11800] LOADER: extracted pyimod02_archive
[11800] LOADER: callfunction returned...
[11800] LOADER: extracted pyimod03_importers
[11800] LOADER: callfunction returned...
[11800] LOADER: Installing PYZ archive with Python modules.
[11800] LOADER: PYZ archive: out00-PYZ.pyz
[11800] LOADER: Running pyiboot01_bootstrap.py
[11800] LOADER: Running pyi_rth_qt5.py
[11800] LOADER: Running pyi_rth_multiprocessing.py
[11800] LOADER: Running pyi_rth_pkgres.py
[11800] LOADER: Running main.py
DEBUG:meta:prepare:Initializing meta database
DEBUG:meta:upgrade_database:Begin upgrade of database...
DEBUG:meta:upgrade_database:End upgrade of database...
DEBUG:network:add_connector:AbE4R connected
DEBUG:blockchain:initialize_blockchain:Requesting blockchain parameters
DEBUG:bma:verified_get:Requesting parameters on endpoint BMAS duniter-folatt.nohost.me 443
ERROR:root:An unhandled exception occured
Traceback (most recent call last):
  File "sakia/main.py", line 112, in <module>
  File "site-packages/quamash/__init__.py", line 263, in run_until_complete
RuntimeError: Event loop stopped before Future completed.
ERROR:root:An unhandled exception occured
Traceback (most recent call last):
  File "site-packages/quamash/__init__.py", line 231, in <lambda>
  File "site-packages/quamash/__init__.py", line 345, in call_soon
  File "site-packages/quamash/__init__.py", line 322, in call_later
  File "site-packages/quamash/__init__.py", line 339, in _add_callback
AttributeError: 'NoneType' object has no attribute 'append'
ERROR:root:Task was destroyed but it is pending!
task: <Task pending coro=<NetworkService.discovery_loop() running at sakia/services/network.py:179> wait_for=<Future pending cb=[Task._wakeup()]>>
ERROR:quamash._QEventLoop:Unhandled error in custom exception handler
context: {'message': 'Task was destroyed but it is pending!', 'task': <Task pending coro=<NetworkService.discovery_loop() running at sakia/services/network.py:179> wait_for=<Future pending cb=[Task._wakeup()]>>}
Traceback (most recent call last):
  File "site-packages/quamash/__init__.py", line 185, in timerEvent
  File "site-packages/quamash/__init__.py", line 328, in upon_timeout
TypeError: argument of type 'NoneType' is not iterable

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "site-packages/quamash/__init__.py", line 543, in call_exception_handler
  File "sakia/main.py", line 53, in async_exception_handler
  File "sakia/main.py", line 76, in exception_message
SystemError: <built-in method exec of QMessageBox object at 0x7fb93c083708> returned a result with an error set
Error in sys.excepthook:
Segmentation fault (core dumped)

Inso · 15 November 2017 15:03

It seems that you are suffering a crash of sakia, which seems incompatible with a freshly new money, I’m sorry !

Please send a bug report with your root_servers.yml file, I’ll try to reproduce it.

Folaht · 15 November 2017 15:05

Don’t be sorry. I finally got it to connect! Yahoo!!

Where do I send bug reports?

And how do I make my money old and moldy?

Je veux que mon crypo-argent soit vieux et moisi.