Jump to content

Can't get my devices online


turtle-one

Recommended Posts

Posted

Hey guys,

I set up a Cloud C2 on a VPS Server with SSL. Everything seem to be fine. The certificate is from ZeroSSL, just in case it matters. The firewall is configured (Port 80, 443 and 2022 TCP are inbound open), netstat says:

netstat -nlp | grep c2-
tcp6       0      0 :::2022                 :::*                    LISTEN      2059/./c2-3.1.2_amd 
tcp6       0      0 :::80                   :::*                    LISTEN      2059/./c2-3.1.2_amd 
tcp6       0      0 :::443                  :::*                    LISTEN      2059/./c2-3.1.2_amd

Any idea why my devices won't connect (last seen: never)?

Are there any logs to check?

Thanks...

Posted

Are you starting the C2 server with those certs as parameters? Have you created device.config files for your devices when the C2 server is running with the correct cert? The cert perhaps needs to be available on the devices as well (public key).

Posted

I'm starting the server with the following command and parameters:

sudo ./c2-*_amd64_linux -hostname <my-doamin-name> -https -keyFile /home/as/cert/private.key -certFile /home/as/cert/certificate.crt

After starting the server I created the device.config and put on my LAN Turtle in /etc. 

Then I called 

root@turtle:/etc# C2DISCONNECT
Device Disconnected From C2

and 

root@turtle:/etc# C2CONNECT
sshd already running
warning: commands will be executed using /bin/sh
job 5 at Sun Feb 20 15:23:00 2022

but the device is not online.

Where should I put the cert on the turtle?

Posted

In /var/cc-client-error.log I found this:

[1645371105 !ERR         CURL ]  Error posting update to server...
[1645371105 !ERR     INITSYNC ]  Error in startup sync post
[1645371105 !ERR         MAIN ]  Device startup sync failed. Retrying... 

What could that mean?

Posted

Good idea...

I merge both the certificate.crt and the ca_bundle.crt (called it ssl_bundle.crt) and restarted the server. The device came up and started syncing immediately.

So I guess it was a certificate chain thing.

Thanks dark_pyrro - great support.

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...