Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
Reply
Member
Posts: 146
Registered: ‎09-11-2010
Kudos: 10
Accepted Solution

Edgerouter to unms - lws_ssl_client_connect2 failed

[ Edited ]

Hello,

 

I'm getting this error on all my edgerouters i'm trying to connect to the unms controller.

 

I have my own server.pem certificate with both public and privatre key, and when i access via https its trusted.

 

The time is also correct in both ends.

 

I can ping the unms controller from the outside via dns name.

 

error:

2017-07-26 08:49:02 INFO  connecting to unms.domain.dk:443
2017-07-26 08:49:02 ERROR connection error (unms.domain.dk:443): lws_ssl_client_connect2 failed

Any good ideas?


Accepted Solutions
Ubiquiti Employee
Posts: 511
Registered: ‎05-24-2016
Kudos: 278
Solutions: 64

Re: Edgerouter to unms - lws_ssl_client_connect2 failed

@infolink

Hi, thank you for your bugreport. Your device UNMS connector doesn't trust your UNMS certificate. Could you please check:

  • your certificate is valid for UNMS domain: unms.domain.dk (your certificate common name has to be unms.domain.dk or *.domain.dk)
  • your UNMS certificate has to be signed by trusted certificate authority. If it's self signed certificate or certificate signed by untrusted certificate authority your UNMS key has to include +allowSelfSignedCertificate. You can change it in SETTINGS->UNMS->ADVANCED SETTINGS->Allow self signed certificate. Then you can use new UNMS key and reconnect your devices to UNMS.
  • check that your UNMS is running on port 443. So you don't have reverse proxy or custom inform port. If you have them please check wiki links.

View solution in original post


All Replies
Ubiquiti Employee
Posts: 511
Registered: ‎05-24-2016
Kudos: 278
Solutions: 64

Re: Edgerouter to unms - lws_ssl_client_connect2 failed

@infolink

Hi, thank you for your bugreport. Your device UNMS connector doesn't trust your UNMS certificate. Could you please check:

  • your certificate is valid for UNMS domain: unms.domain.dk (your certificate common name has to be unms.domain.dk or *.domain.dk)
  • your UNMS certificate has to be signed by trusted certificate authority. If it's self signed certificate or certificate signed by untrusted certificate authority your UNMS key has to include +allowSelfSignedCertificate. You can change it in SETTINGS->UNMS->ADVANCED SETTINGS->Allow self signed certificate. Then you can use new UNMS key and reconnect your devices to UNMS.
  • check that your UNMS is running on port 443. So you don't have reverse proxy or custom inform port. If you have them please check wiki links.
New Member
Posts: 22
Registered: ‎05-12-2016
Kudos: 3
Solutions: 1

Re: Edgerouter to unms - lws_ssl_client_connect2 failed

I'm having the exact same issue. My certificate is valid for my unms domain. All browsers show it as a valid NONE self signed cert. I've used Let's Encrypt to generate the certificate for my domain.

I've also tried to change the Allow Self Signed cert just to see if that would help but it doesn't.

I'm running it behing nginx reverse proxy on port 443.

I installed using this bash command:

sudo bash /tmp/unms_install.sh --behind-reverse-proxy --public-https-port 443 --http-port 28080 --https-port 28443
Member
Posts: 146
Registered: ‎09-11-2010
Kudos: 10

Re: Edgerouter to unms - lws_ssl_client_connect2 failed

@UBNT-Jindrich

Thansk for replying so fast.

 

 

I found out the certificate was wrong, so i fixed this but still got the same error.

 

Had to run this command to set the port to 443 even though i'm pretty sure i didn't change it, but it works now so who knows Man Happy

sudo bash /tmp/unms_install.sh --http-port 80 --https-port 443

 Thanks again.

Reply