Hi OpenZiti Team,
right now i'm testing openziti and has installed a Windows Ziti Edge on my personal PC.
Adding a identity currently dont work. Looking to my log-files shows:
[2025-02-18T11:58:58.072Z] DEBUG ziti-edge-tunnel:ipc_cmd.c:230 on_cmd() received cmd <{"Command":"Status"}
>
[2025-02-18T11:58:58.072Z] TRACE ziti-edge-tunnel:ipc_cmd.c:107 on_command_resp() resp[1,len=398] = {"Success":true,"Data":{"Active":false,"Duration":156804,"StartTime":"2025-02-18T11:56:21.268657Z","Identities":[],"IpInfo":{"Ip":"100.64.0.1","Subnet":"255.192.0.0","MTU":65535,"DNS":"100.64.0.2"},"LogLevel":"trace","ServiceVersion":{"Version":"v1.3.9","BuildDate":"Thu-01/16/2025-18:59:50-"},"TunIpv4":"100.64.0.1","TunIpv4Mask":10,"AddDns":false,"ApiPageSize":25,"TunName":"ziti-tun0"},"Code":0}
[2025-02-18T11:58:58.219Z] DEBUG ziti-edge-tunnel:ipc_cmd.c:230 on_cmd() received cmd <{"Data":{"UseKeychain":true,"IdentityFilename":"user_reinsle_buero","JwtContent":"eyJhbGciOiJSUzI1NiIsImtpZCI6ImI5NTAyMzUzOTE5ZWVkZTYxYTlhNzRjNDQzODE3ZmVjMTE5YmQ4ZTIiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2NsaWVudC5zZG4uZWluc2xlLmRlOjQ0MyIsInN1YiI6IkJFVk53cHFtTiIsImF1ZCI6WyIiXSwiZXhwIjoxNzM5ODkwNjg4LCJqdGkiOiI5NGRkYmM0Zi1lMmExLTQ1YmEtYjFkZC1hMTIzYWRiYWNlZmQiLCJlbSI6Im90dCIsImN0cmxzIjpbInRsczpjbGllbnQuc2RuLmVpbnNsZS5kZTo0NDMiXX0.SP0RyAC9aUxnhpWbX6NMtuYwmRHOXpH-iXJeSKNDdqLcziyoxTUaQfJyoGzJf8OMFvMZj9Kt62evi-Kxx8VbNMegvDcDByfQDkVuY4ga1-x7cxzThHu5Pdh3VQp0u4Lkduncy4dpdIN7x0zvFqDCtfaCwvgbYFTSWgxNguTjXqfpnpWKTZZILyqplMqoWkjEvqRWtvOUkwgd7ZBQctg_Ok8M-TCqorE-4pL2ILlzNZkfXktEcMBDxQGOrsAvo8oM8CLpVaUxjtEVMCimgORg8qJZYCljzscGFgy9Vuma4yiyGuS-sfbdnKAEmBMqOB5ew7D8qZ_6fj4AlTbhJ-V2AX3otPaiIUKkKXRi5vwvZJaRRfyK4TeeBTVz0JAZdrXOmZDPvXyK_SOM0ZBTa0M8F5ZxpEMYw_vGkKoefK_jbSflbXPcT8jlH3iCSss2sTdFLCQqvQrtlEokm_Ji49oJ8AVfExrxrJxzBJ-WJN-nc7tUseWInbSJbPzebCXEw70k8tOqeLhha3LT7lS7yT7uuxvk6TQd_1VsPC-gT7sSchKh_u2DyXTjxHHJEL1yXNLQ
[2025-02-18T11:58:58.219Z] INFO ziti-sdk:ziti_enroll.c:112 ziti_enroll() Ziti C SDK version 1.3.7 @g94225a3(HEAD) starting enrollment at (2025-02-18T11:58:58.219)
[2025-02-18T11:58:58.219Z] DEBUG ziti-sdk:ziti_enroll.c:464 parse_enrollment_jwt() jwt signature is: SP0RyAC9aUxnhpWbX6NMtuYwmRHOXpH-iXJeSKNDdqLcziyoxTUaQfJyoGzJf8OMFvMZj9Kt62evi-Kxx8VbNMegvDcDByfQDkVuY4ga1-x7cxzThHu5Pdh3VQp0u4Lkduncy4dpdIN7x0zvFqDCtfaCwvgbYFTSWgxNguTjXqfpnpWKTZZILyqplMqoWkjEvqRWtvOUkwgd7ZBQctg_Ok8M-TCqorE-4pL2ILlzNZkfXktEcMBDxQGOrsAvo8oM8CLpVaUxjtEVMCimgORg8qJZYCljzscGFgy9Vuma4yiyGuS-sfbdnKAEmBMqOB5ew7D8qZ_6fj4AlTbhJ-V2AX3otPaiIUKkKXRi5vwvZJaRRfyK4TeeBTVz0JAZdrXOmZDPvXyK_SOM0ZBTa0M8F5ZxpEMYw_vGkKoefK_jbSflbXPcT8jlH3iCSss2sTdFLCQqvQrtlEokm_Ji49oJ8AVfExrxrJxzBJ-WJN-nc7tUseWInbSJbPzebCXEw70k8tOqeLhha3LT7lS7yT7uuxvk6TQd_1VsPC-gT7sSchKh_u2DyXTjxHHJEL1yXNLQmQFUQFuZAM5Hf1kEfT9_gAAVHUxx6aaVPKeX8QfmT0AGnj97OyLN_qRlZyeK7XJa5uILN47rInFVN2vkl6DoByyvTFNs-6P3DJQOGN2MBQY
[2025-02-18T11:58:58.219Z] INFO ziti-sdk:ziti_ctrl.c:632 ziti_ctrl_init() ctrl[(null):] using https://client.sdn.einsle.de:443
[2025-02-18T11:58:58.219Z] DEBUG ziti-sdk:ziti_ctrl.c:646 ziti_ctrl_init() ctrl[client.sdn.einsle.de:443] ziti controller client initialized
[2025-02-18T11:58:58.219Z] VERBOSE ziti-sdk:ziti_ctrl.c:152 start_request() ctrl[client.sdn.einsle.de:443] starting GET[/version]
[2025-02-18T11:58:58.219Z] VERBOSE ziti-sdk:ziti_ctrl.c:152 start_request() ctrl[client.sdn.einsle.de:443] starting GET[/.well-known/est/cacerts]
[2025-02-18T11:58:58.219Z] INFO ziti-edge-tunnel:process_cmd.c:125 enroll_ziti_async() enrollment started. identity file will be written to: c:\windows\system32\config\systemprofile\appdata\roaming\netfoundry\user_reinsle_buero.json
[2025-02-18T11:58:58.274Z] DEBUG ziti-sdk:ziti_enroll.c:58 verify_controller_jwt() verifying JWT signature
[2025-02-18T11:58:58.275Z] DEBUG ziti-sdk:ziti_enroll.c:86 verify_controller_jwt() JWT verification succeeded!
[2025-02-18T11:58:58.288Z] VERBOSE ziti-sdk:ziti_ctrl.c:207 ctrl_resp_cb() ctrl[client.sdn.einsle.de:443] received headers GET[/version]
[2025-02-18T11:58:58.288Z] DEBUG ziti-sdk:ziti_ctrl.c:505 ctrl_body_cb() ctrl[client.sdn.einsle.de:443] completed GET[/version] in 0.069 s
[2025-02-18T11:58:58.301Z] VERBOSE ziti-sdk:ziti_ctrl.c:207 ctrl_resp_cb() ctrl[client.sdn.einsle.de:443] received headers GET[/.well-known/est/cacerts]
[2025-02-18T11:58:58.302Z] VERBOSE ziti-sdk:ziti_enroll.c:352 well_known_certs_cb() base64_encoded_pkcs7 is: MIIMGQYJKoZIhvcNAQcCoIIMCjCCDAYCAQExADALBgkqhkiG9w0BBwGgggvsMIIF
8DCCA9igAwIBAgIRAJZBj1IfL3G4Gqi62kjsn7wwDQYJKoZIhvcNAQELBQAwgYIx
CzAJBgNVBAYTAlVTMRIwEAYDVQQHEwlDaGFybG90dGUxEzARBgNVBAoTCk5ldEZv
dW5kcnkxEDAOBgNVBAsTB0FEVi1ERVYxODA2BgNVBAMTL05ldEZvdW5kcnkgSW5j
LiBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgOVJoaG9VVU9ZMB4XDTI1MDIxNzEzNTYw
MFoXDTM1MDIxNTEzNTY1OFowfDELMAkGA1UEBhMCVVMxEjAQBgNVBAcTCUNoYXJs
b3R0ZTETMBEGA1UEChMKTmV0Rm91bmRyeTEQMA4GA1UECxMHQURWLURFVjEyMDAG
A1UEAxMpTmV0Rm91bmRyeSBJbmMuIEludGVybWVkaWF0ZSBDQSBBLUNBSi55czMw
ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC4urQEFmuVaGGuwjexo34G
g2hrL44kB8R7AcqhQKzyPdFZxxgoyhtAJAv6Ga4e3rX3RBK+UcSWycUaNT4VEcMx
xR4fCvBYVq64+RLFPQkkYMKHaqYCZsXJEP44A87Uf9TtGwc9woi/Gf15zFfxNzfw
wnSZ/0f/w+qIur3LbWAGRuYy3AEZht83aRPIz7aVe1INX2CpInYH5dv3o9UQk+wD
fZ3IhQg7X1/qxJnWCGc++p9Px3JlQ2zse/jXNJ3BryxuYI47mi2oSPv00LhHaqsC
fvWA97VgGK7lTY0FwC/ulA+cGC4dSKnNSBQ5ITnYkUx4n/cPJ3NAQOCQmiS34UAD
zyu3eVse2Hrqtw/hEGTmfwDpfqS4WuqjpmE3bj7jlDBBEombSFrbgtiOXH6qykmw
8NIdazUEAbxUmD9Hl7Q9DeY
[2025-02-18T11:58:58.302Z] DEBUG ziti-sdk:ziti_enroll.c:367 well_known_certs_cb() CA PEM len = 4244
[2025-02-18T11:58:58.302Z] TRACE ziti-sdk:ziti_enroll.c:368 well_known_certs_cb() CA PEM:
-----BEGIN CERTIFICATE-----
MIIF8DCCA9igAwIBAgIRAJZBj1IfL3G4Gqi62kjsn7wwDQYJKoZIhvcNAQELBQAw
gYIxCzAJBgNVBAYTAlVTMRIwEAYDVQQHEwlDaGFybG90dGUxEzARBgNVBAoTCk5l
dEZvdW5kcnkxEDAOBgNVBAsTB0FEVi1ERVYxODA2BgNVBAMTL05ldEZvdW5kcnkg
SW5jLiBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgOVJoaG9VVU9ZMB4XDTI1MDIxNzEz
NTYwMFoXDTM1MDIxNTEzNTY1OFowfDELMAkGA1UEBhMCVVMxEjAQBgNVBAcTCUNo
YXJsb3R0ZTETMBEGA1UEChMKTmV0Rm91bmRyeTEQMA4GA1UECxMHQURWLURFVjEy
MDAGA1UEAxMpTmV0Rm91bmRyeSBJbmMuIEludGVybWVkaWF0ZSBDQSBBLUNBSi55
czMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC4urQEFmuVaGGuwjex
o34Gg2hrL44kB8R7AcqhQKzyPdFZxxgoyhtAJAv6Ga4e3rX3RBK+UcSWycUaNT4V
EcMxxR4fCvBYVq64+RLFPQkkYMKHaqYCZsXJEP44A87Uf9TtGwc9woi/Gf15zFfx
NzfwwnSZ/0f/w+qIur3LbWAGRuYy3AEZht83aRPIz7aVe1INX2CpInYH5dv3o9UQ
k+wDfZ3IhQg7X1/qxJnWCGc++p9Px3JlQ2zse/jXNJ3BryxuYI47mi2oSPv00LhH
aqsCfvWA97VgGK7lTY0FwC/ulA+cGC4dSKnNSBQ5ITnYkUx4n/cPJ3NAQOCQmiS3
4UADzyu3eVse2Hrqtw/hEGTmfwDpfqS4WuqjpmE3bj7jlDBBEombSFrbgtiOXH6q
ykmw8NIdazUEAbxUmD9Hl7Q9DeYcT/f7QaF6/PgZprinHt2v/I8QbPzHntEgeB6g
2MWK7+V4wwNI
[2025-02-18T11:58:58.302Z] INFO ziti-sdk:ziti_ctrl.c:632 ziti_ctrl_init() ctrl[(null):] using https://client.sdn.einsle.de:443
[2025-02-18T11:58:58.302Z] DEBUG ziti-sdk:ziti_ctrl.c:646 ziti_ctrl_init() ctrl[client.sdn.einsle.de:443] ziti controller client initialized
[2025-02-18T11:58:58.302Z] VERBOSE ziti-sdk:ziti_ctrl.c:152 start_request() ctrl[client.sdn.einsle.de:443] starting GET[/version]
[2025-02-18T11:58:58.424Z] VERBOSE ziti-sdk:ziti_ctrl.c:152 start_request() ctrl[client.sdn.einsle.de:443] starting POST[/enroll]
[2025-02-18T11:58:58.503Z] VERBOSE ziti-sdk:ziti_ctrl.c:207 ctrl_resp_cb() ctrl[client.sdn.einsle.de:443] received headers GET[/version]
[2025-02-18T11:58:58.503Z] DEBUG ziti-sdk:ziti_ctrl.c:505 ctrl_body_cb() ctrl[client.sdn.einsle.de:443] completed GET[/version] in 0.200 s
[2025-02-18T11:58:58.550Z] VERBOSE ziti-sdk:ziti_ctrl.c:207 ctrl_resp_cb() ctrl[client.sdn.einsle.de:443] received headers POST[/enroll]
[2025-02-18T11:58:58.550Z] DEBUG ziti-sdk:ziti_ctrl.c:505 ctrl_body_cb() ctrl[client.sdn.einsle.de:443] completed POST[/enroll] in 0.125 s
[2025-02-18T11:58:58.550Z] DEBUG ziti-sdk:ziti_enroll.c:407 enroll_cb() successfully enrolled with controller https://client.sdn.einsle.de:443
[2025-02-18T11:58:58.554Z] WARN ziti-edge-tunnel:instance.c:51 find_tunnel_identity() Identity ztx[c:\windows\system32\config\systemprofile\appdata\roaming\netfoundry\user_reinsle_buero.json] is not loaded yet or already removed.
[2025-02-18T11:58:58.554Z] TRACE tunnel-cbs:ziti_tunnel_ctrl.c:223 process_cmd() processing command[LoadIdentity] with data[{"Identifier":"c:\\windows\\system32\\config\\systemprofile\\appdata\\roaming\\netfoundry\\user_reinsle_buero.json","Path":"c:\\windows\\system32\\config\\systemprofile\\appdata\\roaming\\netfoundry\\user_reinsle_buero.json","Disabled":false,"ApiPageSize":25}]
[2025-02-18T11:58:58.554Z] INFO tunnel-cbs:ziti_tunnel_ctrl.c:1163 load_ziti_async() attempting to load ziti instance[c:\windows\system32\config\systemprofile\appdata\roaming\netfoundry\user_reinsle_buero.json]
[2025-02-18T11:58:58.554Z] INFO tunnel-cbs:ziti_tunnel_ctrl.c:1170 load_ziti_async() loading ziti instance[c:\windows\system32\config\systemprofile\appdata\roaming\netfoundry\user_reinsle_buero.json]
[2025-02-18T11:58:58.554Z] TRACE ziti-edge-tunnel:ipc_cmd.c:107 on_command_resp() resp[1,len=25] = {"Success":true,"Code":0}
[2025-02-18T11:58:58.556Z] DEBUG ziti-edge-tunnel:instance-config.c:117 save_tunnel_status_to_file() Saved current tunnel status into Config file c:\windows\system32\config\systemprofile\appdata\roaming\netfoundry\config.json
[2025-02-18T11:58:58.556Z] TRACE ziti-edge-tunnel:instance-config.c:121 save_tunnel_status_to_file() Cleaning up resources used for the backup of tunnel config file c:\windows\system32\config\systemprofile\appdata\roaming\netfoundry\config.json
[2025-02-18T11:58:58.557Z] INFO ziti-sdk:ziti.c:505 ziti_start_internal() ztx[0] enabling Ziti Context
[2025-02-18T11:58:58.564Z] INFO ziti-sdk:ziti.c:522 ziti_start_internal() ztx[0] using tlsuv[v0.33.4/OpenSSL 3.3.1 4 Jun 2024]
[2025-02-18T11:58:58.564Z] INFO ziti-sdk:ziti_ctrl.c:632 ziti_ctrl_init() ctrl[(null):] using https://client.sdn.einsle.de:443
[2025-02-18T11:58:58.564Z] DEBUG ziti-sdk:ziti_ctrl.c:646 ziti_ctrl_init() ctrl[client.sdn.einsle.de:443] ziti controller client initialized
[2025-02-18T11:58:58.564Z] VERBOSE ziti-sdk:ziti_ctrl.c:152 start_request() ctrl[client.sdn.einsle.de:443] starting GET[/version]
[2025-02-18T11:58:58.564Z] INFO ziti-sdk:ziti.c:600 ztx_init_controller() ztx[0] Loading ziti context with controller[https://client.sdn.einsle.de:443]
[2025-02-18T11:58:58.564Z] DEBUG ziti-sdk:ziti.c:531 ziti_start_internal() ztx[0] using metrics interval: 0
[2025-02-18T11:58:58.564Z] DEBUG ziti-sdk:ziti.c:218 ziti_set_unauthenticated() ztx[0] setting auth_state[0] to 0
[2025-02-18T11:58:58.564Z] DEBUG ziti-sdk:ziti_ctrl.c:386 ziti_ctrl_clear_api_session() ctrl[client.sdn.einsle.de:443] clearing api session token for ziti_controller
[2025-02-18T11:58:58.564Z] DEBUG ziti-sdk:ziti_ctrl.c:1071 ctrl_paging_req() ctrl[client.sdn.einsle.de:443] starting paging request GET[/external-jwt-signers]
[2025-02-18T11:58:58.564Z] VERBOSE ziti-sdk:ziti_ctrl.c:1076 ctrl_paging_req() ctrl[client.sdn.einsle.de:443] requesting /external-jwt-signers?limit=25&offset=0
[2025-02-18T11:58:58.564Z] VERBOSE ziti-sdk:ziti_ctrl.c:152 start_request() ctrl[client.sdn.einsle.de:443] starting GET[/external-jwt-signers?limit=25&offset=0]
[2025-02-18T11:58:58.657Z] ERROR tlsuv:win32_keychain.c:248 failed to sign: TPM 2.0: Die Struktur hat die falsche Größe.
[2025-02-18T11:58:58.657Z] ERROR tlsuv:engine.c:923 openssl: handshake was terminated: error:00000005:lib(0)::reason(5)
[2025-02-18T11:58:58.657Z] ERROR tlsuv:tls_link.c:113 TLS(000002bdccc1a0b0) handshake error error:00000005:lib(0)::reason(5)
[2025-02-18T11:58:58.657Z] ERROR tlsuv:http.c:189 handshake failed status[3]: error:00000005:lib(0)::reason(5)
[2025-02-18T11:58:58.657Z] WARN ziti-sdk:ziti_ctrl.c:184 ctrl_resp_cb() ctrl[client.sdn.einsle.de:443] request failed: -4079(software caused connection abort)
[2025-02-18T11:58:58.657Z] WARN ziti-sdk:ziti_ctrl.c:342 internal_version_cb() ctrl[client.sdn.einsle.de:443] CONTROLLER_UNAVAILABLE(software caused connection abort)
[2025-02-18T11:58:58.657Z] WARN ziti-sdk:ziti.c:1908 version_pre_auth_cb() ztx[0] failed to get controller version: CONTROLLER_UNAVAILABLE/software caused connection abort
[2025-02-18T11:58:58.657Z] WARN ziti-sdk:ziti_ctrl.c:184 ctrl_resp_cb() ctrl[client.sdn.einsle.de:443] request failed: -4079(software caused connection abort)
[2025-02-18T11:58:58.657Z] INFO ziti-sdk:ziti_ctrl.c:187 ctrl_resp_cb() ctrl[client.sdn.einsle.de:443] attempting to switch endpoint
[2025-02-18T11:58:58.657Z] WARN ziti-sdk:ziti_ctrl.c:605 ctrl_next_ep() ctrl[client.sdn.einsle.de:443] no controllers are online
[2025-02-18T11:58:58.657Z] WARN ziti-sdk:ziti.c:641 ext_jwt_singers_cb() ztx[0] failed to get external auth providers: software caused connection abort
The first error i got is
[2025-02-18T11:58:58.657Z] ERROR tlsuv:win32_keychain.c:248 failed to sign: TPM 2.0: Die Struktur hat die falsche Größe.
Any idea what happened?
Adding other Identities on other PCs and mobile devices are working
Greetings
Robert