SSL_ERROR_INTERNAL_ERROR_ALERT error after upgrade

Hi,

I’ve upgraded to the latest version of firezone and then did the docker migration. Since then, I’ve been getting an “SSL_ERROR_INTERNAL_ERROR_ALERT” error when trying to access the web UI. In the logs, I can see this:

{"level":"error","ts":1666611254.7120893,"logger":"tls.obtain","msg":"will retry","error":"[rpi4] Obtain: [rpi4] creating new order: attempt 1: https://acme.zerossl.com/v2/DV90/newOrder: HTTP 400 urn:ietf:params:acme:error:rejectedIdentifier - Invalid DNS identifier [rpi4] (ca=https://acme.zerossl.com/v2/DV90)","attempt":2,"retrying_in":120,"elapsed":80.078630629,"max_duration":2592000}

{"level":"info","ts":1666611374.713468,"logger":"tls.obtain","msg":"obtaining certificate","identifier":"rpi4"}

{"level":"error","ts":1666611375.1947496,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"rpi4","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:rejectedIdentifier - Error creating new order :: Cannot issue for \"rpi4\": Domain name needs at least one dot"}

Connections to the VPN itself work fine.

I’ve got a domain and other services running with SSL on another machine and this machine (a Pi 4) is only running some network services. As I understand, an SSL certificate can’t be issued without an externally facing domain so it won’t be possible for me to do this. Can I disable the SSL entirely and access the web ui via http?

I am having the same problem, try this see if it works for you.

Thanks. This works when you access via the hostname rather than IP address. In my case, this is https://rpi4/.

Thanks for your help.