Hello everyone,
I want to install a Chirpstack instance where I use a dedicated Application Server and a dedicated Network server while securing the whole communication with TLS (for the TLS part I was following this guide https://github.com/brocaar/chirpstack-certificates ). The installation itself went well, the problem arise when I try to register the network server in my application server (using the WebUI). When I try to register the network-server I get the following error message:
context deadline exceeded (code: 2)
When checking in the log I see a more meaningful error message:
transport: Error while dialing dial tcp NS-IP:443: connect: connection refused".INFO[0792] creating network-server client server=NS-Server
WARN[0792] grpc: addrConn.createTransport failed to connect to {NS-IP:443 <nil> 0 <nil>}. Err: connection error: desc = "transport: Error while dialing dial tcp NS-IP:443: connect: connection refused". Reconnecting...
ERRO[0793] finished unary call with code Unknown ctx_id=8fe7d907-5695-4443-8074-ed74ea94c7d3 error="rpc error: code = Unknown desc = context deadline exceeded" grpc.code=Unknown grpc.method=Create grpc.service=api.NetworkServerSe rvice grpc.start_time="2021-09-28T09:48:57+02:00" grpc.time_ms=519.036 peer.address="127.0.0.1:47938" span.kind=server system=grpc
In the image below I try to add the network server to the application server:
In the part mentioning Certificates for ChirpStack Application Server to ChirpStack Network Server connection I put:
-
CA certificate content of
certs/ca/ca.pem
-
TLS certificate content of
certs/chirpstack-network-server/api/client/chirpstack-network-server-api-client.pem
-
TLS key content of
certs/chirpstack-network-server/api/client/chirpstack-network-server-api-client-key.pem
While in the part mentioning Certificates for ChirpStack Network Server to ChirpStack Application Server connection I put:
-
CA certificate content of
certs/ca/ca.pem
-
TLS certificate content of
certs/chirpstack-application-server/api/client/chirpstack-application-server-api-client.pem
-
TLS key content of
certs/chirpstack-application-server/api/client/chirpstack-application-server-api-client-key.pem
Also the rules of my firewall seems ok (below an output from the network server):
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client http https ssh
ports: 7001/udp 4241/tcp 8000/tcp 8000/udp 443/tcp 443/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
However if try to open a telnet connection to my network server using the port 443 I also get a connection refused. Any ideas ?