An error occurred while connecting to the provided URL

Question

An error occurred while connecting to the provided URL

osminm opened this issue 3 years ago · comments

The problem

I was excited about the possibility of having a keepass-like-tool that would tie into Vault but was disappointed that no matter what I tried I can't even login to vault. The error I get on Windows or Mac is consistent: "An error occurred while connecting to the provided URL.". We do use namespaces in our environment but my testing has been against a root vault namespace.

Environment

Cryptr version 0.4.0
Desktop OS/version used to run Cryptr: Windows 10 (latest patch), Windows server 2019 (1809), OS X 10.15.7
Vault version: Vault 1.4.1+prem.hsm

Details

We have users that would prefer some sort of desktop client vs the web interface. They are not developers so the API/CLI just wouldn't be appropriate.

Steps to Reproduce

Describe how to reproduce this issue. What did you click? What were you trying to do?

Launch executable from either OS and the login window appears.
Add a URL pointing to vault, tried with/without vault's default port
The error appears immediately after trying to add a URL
The error appears if I populate LDAP's user name/password and attempt to login
The error appears when using Token and trying to populate URL & Token value as well.

Jacob Crowther · Answer 1 · Sat Mar 06 2021 04:40:42 GMT+0800 (China Standard Time)

Would you try opening Cryptr in debug mode and look for console errors, or for what your Vault instance is responding with?

To enable this with released binaries, set the CRYPTR_ENV=development environment variable when launching the app. This is simple on Mac and Linux, though I see you're on Windows so will need to find how best to set it accordingly.

osminm · Answer 2 · Mon Mar 08 2021 09:17:18 GMT+0800 (China Standard Time)

Noticed after testing in ubuntu that we really needed to export CRYPTR_ENV=development for the child process (cryptr) to see it. Attaching two logs, mac/ubuntu, they both point to the same error, ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY, which seems to point server/client cryptography handshake.
mac-1615216552969.log
ubuntu-1615216314160.log

osminm · Answer 3 · Sat Mar 13 2021 01:31:17 GMT+0800 (China Standard Time)

quick update, cryptr was able to connect to a replicated local testing vault after modifying the tls_cipher_suites crypto order in vault. Will test again when this change is promoted but I'm able to do basic tests now . Thx

tsiamer · Answer 4 · Wed Sep 22 2021 16:59:51 GMT+0800 (China Standard Time)

I too having the same problem, can you please provide the tls_cipher_suite that worked?

Jacob Crowther · Answer 5 · Sat Apr 02 2022 02:26:36 GMT+0800 (China Standard Time)

Closing old issue