Balena deploy Progress Error


#1

Executing :
balena deploy myApp --logs --source . --emulated --build



Build] main Removing intermediate container a3778f868bbf
[Build] main Successfully built fd674f7f39fe
[Build] main Successfully tagged test_app_main:latest
[Info] Creating release… |
[Info] Creating release… /
[Info] Creating release… -
[Info] Creating release…
[Info] Creating release… |
[Info] Creating release…
[Info] Pushing images to registry…
Progress error: Get https://registry.mydomain.com/v2/: x509: certificate signed by unknown authority
[Info] Saving release… /
[Info] Saving release…
[Success] Deploy succeeded!
[Success] Release: aa374c54885aac3bd8fa0ad3c379cb8b

		    \
		     \
		      \\
		       \\
		        >\/7
		    _.-(6'  \
		   (=___._/` \
		        )  \ |
		       /   / |
		      /    > /
		     j    < _\
		 _.-' :      ``.
		 \ r=._\        `.
		<`\\_  \         .`-.
		 \ r-7  `-. ._  ' .  `\
		  \`,      `-.`7  7)   )
		   \/         \|  \'  / `-._
		              ||    .'
		               \\  (
		                >\  >
		            ,.-' >.'
		           <.'_.''
		             <'

Although the command says the “Deploy succeeded” the devices connected to the openbalena backend does not get updated.

Does anyone has an idea of Progress error: Get https://registry.mydomain.com/v2/: x509: certificate signed by unknown authority ERROR message?


#4

Hi @rlev

I got this one when I first started. Adding the CA cert to node trusted certs fixed for me.

See: https://www.balena.io/open/docs/getting-started/#Install-self-signed-certificates

Note you will need to add NODE_EXTRA_CA_CERTS to your shell environment permanently or it will be reset every time you logout/reboot.

Cheers
Chris


#5

I think this is actually an issue with the self-signed certificate not being present in the trusted roots of the development machine.

I am running macOS, but the principle is the same on all systems, but you should add your /config/certs/root/ca.cert to your system trusted root certificate store and then restart the Docker service. This will allow your machine to push to the hosted registry within OpenBalena.

You should have the NODE_EXTRA_CA_CERTS set anyway for balena login to work to get this far, so I don’t think it is that, but if not then you should have it set to the cert path too.


#6

Thanks @richbayliss and @dash,

I will make sure the env var NODE_EXTRA_CA_CERTS is set.

In the other hand Where can I find information about using real signed certificates instead self-signed certs with openbalena?