openBalena quickstart -c but still cant balena login without SELF_SIGNED_CERT_IN_CHAIN error

Hi, I used the getting started guide on a freshly installed box.

I used the -c option on the quickstart script, everything ran without any errors.
I thought -c would use letsencrypt + acme to get a cert.

I’m kind of new to openBalena but would really like to get more into it.


Can you please share the output of the quickstart script?
I’ve just checked the openBalena quickstart script for the -c argument. It tries to perform an actual domain name resolving for the specified api. that is specified with the -d argument.
It fails and informs about it when the domain cannot be resolved. This could be most likely the case for local test instances which may have issues with registering the local domain name to the DNS services.

Here is the output of my test command when the TLD cannot be resolved:

$ ./scripts/quickstart -c -U -P openb -d   
[INFO] ACME Certificate request is ENABLED.
[WARN] Unable to resolve ""!
[WARN] This might mean that you cannot use an ACME issued certificate.

Best Regards,

Can you also share why you choose the -c option for this quickstart. You could also run the quickstart without the -c option and generate self-signed certificates for local development and trust these certificates after they have been generated.

Hi @fisehara

I mostly used the -c option because I don’t want to issue self-signed certs and as well wanted the deployment to handle the certificate issuing via acme. In another post of mine, there are already 2 PR that address this problem.

Thank you for you reply!

Hello @Mawiguk0

I’ve checked also your other threads and one PR got recently merged and closed this issue:

As shared in the other thread cert-provider-error-maybe-typo there is this open PR: (WIP) openBalena on balenaOS by ab77 · Pull Request #141 · balena-io/open-balena · GitHub which aims to address a lot of existing concerns.