I’ve got error making preload image with balena preload command.
Please refer to the output below
This command ended with error - x509: certificate signed by unknown authority
Of course, I register the ca.pem in my system(Mac).
Version (open balena)
3.8.0
Console outputs
$ balena preload ~/Downloads/raspberrypi4-64-2.107.10+rev3-v14.4.4.img --fleet admin/zigbangApp --commit 59655624a0df5e043d7661eb35269298
Building Docker preloader image. [========================] 100%
| Checking that the image is a writable file
| Finding a free tcp port
| Checking if the image is an edison zip archive
| Creating preloader container
\ Starting preloader container
- Fetching application admin/zigbangapp
- Reading image information
/ Fetching application 1
?
This fleet is set to track the latest release, and non-pinned devices
are automatically updated when a new release is available. This may lead to
unexpected behavior: The preloaded device will download and install the latest
release once it is online.
This prompt gives you the opportunity to disable automatic updates for
this fleet now. Note that this would result in the fleet being pinned to
the current latest release, rather than some other release that may have
been selected for preloading. The pinned released may be further managed
through the web dashboard or programatically through the balena API / SDK.
Documentation about release policies and pinning can be found at:
https://www.balena.io/docs/learn/deploy/release-strategy/release-policy/
Alternatively, the --pin-device-to-release flag may be used to pin only the
preloaded device to the selected release.
Would you like to disable automatic updates for this fleet now? Yes
- Estimating required additional space
| Resizing partitions and waiting for dockerd to start
- Cleaning up temporary files
(HTTP code 500) server error - Get https://registry.MYDOMAIN.net/v2/: x509: certificate signed by unknown authority
Additional information may be available with the `--debug` flag.
For further help or support, visit:
https://www.balena.io/docs/reference/balena-cli/#support-faq-and-troubleshooting
With —debug option
And when I tried that command with ‘–debug’ option. I read additional error message at the end of procedure.
(HTTP code 500) server error - Get https://registry.MYDOMAIN.net/v2/: x509: certificate signed by unknown authority
Error: (HTTP code 500) server error - Get https://registry.MYDOMAIN.net/v2/: x509: certificate signed by unknown authority
at /usr/local/lib/balena-cli/node_modules/docker-modem/lib/modem.js:315:17
at IncomingMessage.<anonymous> (/usr/local/lib/balena-cli/node_modules/docker-modem/lib/modem.js:342:9)
at IncomingMessage.emit (events.js:326:22)
at IncomingMessage.EventEmitter.emit (domain.js:483:12)
at endReadableNT (_stream_readable.js:1241:12)
at processTicksAndRejections (internal/process/task_queues.js:84:21)
From previous event:
at processImmediate (internal/timers.js:461:21)
From previous event:
at /usr/local/lib/balena-cli/node_modules/balena-preload/build/preload.js:791:28
For further help or support, visit:
https://www.balena.io/docs/reference/balena-cli/#support-faq-and-troubleshooting
before trying to run the balena preload can you please check if a balena login and a balena whoami work properly?
Please make sure, that you have this certificate chain set for the node environment:
Please check if curl -vI https://api.MYDOMAIN.net/ping returns a valid certificate?
You may also check your openBalena installation if it sends a valid certificate with this command: openssl s_client -showcerts -connect api.mydomain.com:443
everything looks correct. Can you please check this with the latest balena cli release: Release v15.0.3 · balena-io/balena-cli · GitHub
In addition, can you please check the balena preload command directly after the balena login again and paste your findings?
I updated balena cli to 15.0.3 and ran the commands again like you requested. The same error occurred again. Please refer to the command outputs.
$ balena login
_ _
| |__ __ _ | | ____ _ __ __ _
| '_ \ / _` || | / __ \| '_ \ / _` |
| |_) | (_) || || ___/| | | || (_) |
|_.__/ \__,_||_| \____/|_| |_| \__,_|
Logging in to MYDOMAIN.net
? How would you like to login? Credentials
? Email: chester@xxxx.com
? Password: [hidden]
Successfully logged in as: admin
Find out about the available commands by running:
$ balena help
For further help or support, visit:
https://www.balena.io/docs/reference/balena-cli/#support-faq-and-troubleshooting
$ balena preload ~/Downloads/raspberrypi4-64-2.107.10+rev3-v14.4.4.img --fleet zigbangApp --commit 3afee65dc7641fc9c4ef4fd3f4e7ae7c
Building Docker preloader image. [========================] 100%
| Checking that the image is a writable file
| Finding a free tcp port
| Creating preloader container
\ Starting preloader container
| Fetching application admin/zigbangapp
/ Reading image information
| Fetching application 1
| Estimating required additional space
\ Resizing partitions and waiting for dockerd to start
- Cleaning up temporary files
(HTTP code 500) server error - Get https://registry.MYDOMAIN.net/v2/: x509: certificate signed by unknown authority
Additional information may be available with the `--debug` flag.
For further help or support, visit:
https://www.balena.io/docs/reference/balena-cli/#support-faq-and-troubleshooting
$ balena --version
15.0.3