remote error: tls: unrecognized name

Question

remote error: tls: unrecognized name

klapvogn opened this issue a year ago · comments

When I woke up this morning I noticed my websites was not working.
And looked in the cloudflare log and found this:

2023-04-10T08:08:26Z INF Starting tunnel tunnelID=xxxx

2023-04-10T08:08:26Z INF Version 2023.3.1

2023-04-10T08:08:26Z INF GOOS: linux, GOVersion: go1.19.7, GoArch: amd64

2023-04-10T08:08:26Z INF Settings: map[cred-file:/home/nonroot/.cloudflared/xxxx.json credentials-file:/home/nonroot/.cloudflared/xxxx.json no-autoupdate:true]

2023-04-10T08:08:26Z INF Generated Connector ID: xxxx

2023-04-10T08:08:26Z INF Initial protocol quic

2023-04-10T08:08:26Z INF ICMP proxy will use xxxx as source for IPv4

2023-04-10T08:08:26Z INF ICMP proxy will use :: as source for IPv6

2023-04-10T08:08:26Z INF Starting metrics server on 127.0.0.1:36919/metrics

2023/04/10 10:08:26 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.

2023-04-10T08:08:27Z INF Connection 28718f04-7968-4952-a1d3-41cfee0131d5 registered with protocol: quic connIndex=0 ip=198.41.192.167 location=FRA

2023-04-10T08:08:28Z INF Connection 1a1be7e4-8aa5-4135-88c3-dbc9aa7864a3 registered with protocol: quic connIndex=1 ip=198.41.200.73 location=DME

2023-04-10T08:08:29Z INF Connection e7fbed73-88e1-4285-b89e-cb7c9ba98b14 registered with protocol: quic connIndex=2 ip=198.41.192.77 location=FRA

2023-04-10T08:08:30Z INF Connection 40cc94bb-0ffc-445c-810c-79e4cfb29cd9 registered with protocol: quic connIndex=3 ip=198.41.200.23 location=DME

2023-04-10T08:08:40Z ERR  error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: remote err2023-04-10T08:08:26Z INF Starting tunnel tunnelID=xxxx

Larry Reinhard · Answer 1 · Tue Apr 11 2023 12:09:45 GMT+0800 (China Standard Time)

It seems that @klapvogn may have removed the critical part of the error message, but I'm seeing the same problem. I've deleted and recreated the tunnel without any change in behavior.

Requests generate this error:
2023-04-11T04:01:54Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: remote error: tls: unrecognized name" connIndex=0 dest=https://REDACTED ip=REDACTED type=http

My configuration file has these ingress rules:

ingress:
  - hostname: "*.REDACTED.com"
    service: https://192.168.0.4:443
    originRequest:
      noTLSVerify: true
  - service: http_status:404

Version 2023.4.0

klapvogn · Answer 2 · Tue Apr 11 2023 12:14:49 GMT+0800 (China Standard Time)

Sorry about the missing info, I have the same error message as @biggator

Larry Reinhard · Answer 3 · Tue Apr 11 2023 12:20:34 GMT+0800 (China Standard Time)

I've tried regressing to 2023.3.1 and 2023.3.0 without any change in behavior.

Larry Reinhard · Answer 4 · Tue Apr 11 2023 12:55:10 GMT+0800 (China Standard Time)

I've resolved my issue and it seems that cloudflared is not at fault.

The remote error: message seems to refer to the routed service, not cloudflared as I had assumed. In my case that is Nginx Proxy Manager (192.168.0.4). I reverted from the Nginx Proxy Manager docker image tagged latest, which is also v23.04.1, to v23.03.2 and this issue was resolved.

Unfortunately, regressing causes some other issues with Nginx Proxy Manager: although my existing proxy hosts are functioning, I can't login to the dashboard and the application logs are filling up with certbot errors, but that's a problem for another application.