I just came across this topic and i'm having some certificates issues (, idk if i'm suppoused to open a new topic. Administrator @TheLumberjack made this a new top level post)
- For the environment on the machine i want to remote from i'm using the same environment as the one i will remote. (C:\Users\User.zrok\environment.json)
- when i'm trying to RDP i'm getting the followin error:
ERROR zrok/endpoints/tcpTunnel.(*Frontend).accept: error dialing '********' failed to dial: no apiSession, authentication attempt failed ...................... tls: failed to verify certificate: x509: certificate signed by unknown authority
thx in advance.
Hi @KunaiNeko, welcome to the community and to zrok (and OpenZiti and Browzer)
This issue is sufficiently different imo that it could have been it's own toplevel post, yeah. This looks to me more like the token you used to enable the environment is no longer authorized. If you go to the UI at https://api.zrok.io/ and go under the 'enable your environment'
that's the token you used to enable the environment, right? Could you try disable/enabling the environment again and make sure?
I'll move your post to a new topic
Also, you made sure to share with:
zrok.exe share private --backend-mode tcpTunnel localhost:3389
and access with:
zrok access private blahblahblah --bind localhost:3389 (or 33389 if 3389 is already open)
?
What output do you get from the following commands on the box that isn't working?
zrok status
zrok overview
Hi @TheLumberjack thx for helping!
yes that's the token i used to enable the environment, tried connecting to the tcp with another account still no luck.
Here is what i tried:
- Disabled the environment with zrok disable, and used the token from the UI, from both of my pc's and i'm still getting the following error:
[ 6.551] ERROR zrok/endpoints/tcpTunnel.(*Frontend).accept: error dialing 'TOKEN': failed to dial: no apiSession, authentication attempt failed: Post "https://cc7da54f-8086-4ff9-b96d-6137124f6380.production.netfoundry.io:443/edge/client/v1/authenticate?method=cert": tls: failed to verify certificate: x509: certificate signed by unknown authority
- I'm ussing the followings:
To create the connection.
zrok share private --backend-mode tcpTunnel localhost:3389
To connect to the remote pc (i'm using the token the first command gives)
zrok access private TOKEN --bind localhost:33389
- This are the output of the commands:
- zrok status
Config:
CONFIG VALUE SOURCE
apiEndpoint https://api.zrok.io env
defaultFrontend public binary
Environment:
PROPERTY VALUE
Secret Token <>
Ziti Identity <>
- zrok overview
{"environments":[{"environment":{"address":"190.238.253.174","createdAt":1726550167575,"description":"PE\NP154979@P8GMD03","host":"PE\NP154979; P8GMD03; windows; Microsoft Windows 11 Pro; Standalone Workstation; 10.0.22631.4112 Build 22631.4112; 10.0.22631.4112 Build 22631.4112; x86_64","updatedAt":1726550167575,"zId":"wZykq34iKr"},"frontends":[{"createdAt":1726583832586,"id":87544,"shrToken":"o7u6g06hmpp3","token":"SFqG6AlM2DHu","updatedAt":1726583832586,"zId":"wZykq34iKr"},{"createdAt":1726583867103,"id":87545,"shrToken":"o7u6g06hmpp3","token":"bo6WNnFq3V8O","updatedAt":1726583867103,"zId":"wZykq34iKr"}]}]}
Strange. Just out of curiosity what version of zrok are you running? zrok version
Do you have .json files in your ~/.zrok/identities directory (don't post their contents, as they are sensitive).
Hi @mguthrie88
This is the output:
zrok version
_
_____ __ ___ | | __
|_ / '/ _ | |/ /
/ /| | | () | <
/|| ___/||_\
v0.4.40 [c110f860]