Log hint on Certificate signed by unknown authority

Description

A common problem is that the Mender client is unable to connect to the server and logs:

Typically this is caused by not incorporating a self-signed certificate into Mender's configuration. See https://docs.mender.io/troubleshooting/mender-client#certificate-signed-by-unknown-authority for full explanation.
Since this is such a common problem we should add more context around the error message.

Acceptance criteria

There are more log entries directly following the "...certificate signed by unknown authority" message that gives more context
Stretch goal:
Minimum:
These messages are only printed after this given error

Sample certificate in PEM format (that can be put in /etc/mender/server.crt):

Affects versions

None

Environment

None

Checklist

Activity

Show:

eystein.maloy.stenbergJanuary 2, 2018 at 2:35 PM

Looks good. Please see https://tracker.mender.io/browse/MEN-1660?focusedCommentId=85324&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-85324 for comments that apply here as well.

One note is that I think it will be too "spammy" in the logs if we always print the certificate we received. My intention was only to print this when errors occur. Maybe that is what we are doing?

Marcin PasinskiDecember 19, 2017 at 4:09 PM

the comment is updated now. Sorry for the confusion.

eystein.maloy.stenbergDecember 19, 2017 at 3:24 PM

looks like the output from , can you pls post the output from this task?

Marcin PasinskiDecember 19, 2017 at 2:48 PM
Edited

this is how this looks now:

Marcin PasinskiDecember 5, 2017 at 10:41 AM

It is pretty small change even if we need to get the gateway certificate and do some analysis to print exact error message. My estimate is 2.

Fixed

Details
Assignee
Marcin Pasinski
Reporter
eystein.maloy.stenberg
Labels
Client
Story Points
2
Priority
Medium
Sprint
None
Backlog
yes

Zendesk Support

Checklist

Created December 1, 2017 at 7:10 PM

Updated January 2, 2018 at 2:44 PM

Resolved January 2, 2018 at 2:44 PM

Log hint on Certificate signed by unknown authority

Description

Affects versions

Environment

Checklist

Activity

eystein.maloy.stenbergJanuary 2, 2018 at 2:35 PM

Marcin PasinskiDecember 19, 2017 at 4:09 PM

eystein.maloy.stenbergDecember 19, 2017 at 3:24 PM

Marcin PasinskiDecember 19, 2017 at 2:48 PMEdited

Marcin PasinskiDecember 5, 2017 at 10:41 AM

DetailsAssigneeMarcin PasinskiMarcin PasinskiReportereystein.maloy.stenbergeystein.maloy.stenbergLabelsClientStory Points2PriorityMediumSprintNone+2Backlogyes

Details

Assignee

Reporter

Labels

Story Points

Priority

Sprint

Backlog

Zendesk SupportLinked Tickets

Zendesk Support

ChecklistOpen Checklist

Checklist

Marcin PasinskiDecember 19, 2017 at 2:48 PM
Edited

Details
Assignee
Marcin Pasinski
Reporter
eystein.maloy.stenberg
Labels
Client
Story Points
2
Priority
Medium
Sprint
None
Backlog
yes

Zendesk Support

Checklist