Hostname/IP does not match cert's altnames


#1

I’ve been following the ‘Get started’ guide and have setup an openBalena instance on a server and balenaCLI on my local machine. However, I can’t seem to log in to the openBalena instance.

Running balena login --credentials --email <email> --password <password> returns an error:

ERR_TLS_CERT_ALTNAME_INVALID: request to https://api.domain/login_ failed, reason: Hostname/IP does not match certificate’s altnames: Host: api.domain is not in the cert’s altnames: DNS: *.domain

I’ve setup my hosts files on windows with the appropriate addresses (api | registry | vpn | s3) and looking at the error, api.domain should be among *.domain alt names. “domain” is replaced by an actual valid domain within my network.

I’ve setup the the BALENARC_BALENA_URL and NODE_EXTRA_CA_CERTS on the local machine with the appropriate values, the cert installed is the one generated by the openbalena instance as a result of running ./scripts/quickstart -U <email> -P <password> -d <domain>

What is perhaps strange is that, setting up everything with the default domain ‘openbalena.local’ or random one, such as ‘openbalena.lan’ works just fine, I can connect to the openBalena instance.