Secure connections with certificates

Flower Help - Beginners
1

Hi,

I am trying to run flower in secure mode using server certificates from letsencrypt. (Using insecure mode without certifiactes on one single machine worked fine.)

From letsencrypt I got the certificates privkey.pem, fullchain.pem, cert.pem, and chain.pem. I use privkey.pem as ssl-keyfile. I’m not sure which ones to use for ssl-ca-certfile and for ssl-certfile. I tried different combinations with fullchain.pem and cert.pem, but on my clients (flower-supernodes) I always get:
WARNING : Connection attempt failed,

Currently I have the server (flower-superlink) on a linux webserver. I run the clients in a WSL on my windows laptop. I tried both passing the server name as domain name and as ip address, both in the .toml file and under –superlink on the supernodes.

I’m using flwr version 1.21.0 on python 3.12.3, both on the webserver for the superlink and on the WSL for the supernodes.

2

Ok, the issue in my post above is solved and not relevant anymore.

2 Likes
3

I am running in a fairly similar problem, could you please explain what worked for you?

4

Hi @johannes,

thanks for being an active part of the community.

For the sake of this thread, could you please indicate what resolved this issue?

Best regards,
William

1 Like
5

Hi @sayfsaid ,

The following worked for me eventually.

In the .toml file I have:

address = “server.name:9093”
root-certificates = “fullchain.pem”

On the server, I call the superlink with:
–ssl-ca-certfile /cert.pem --ssl-keyfile /privkey.pem --ssl-certfile /fullchain.pem

On each client, I call the supernode with:
–root-certificates /fullchain.pem --superlink server.name:9092

Best regards,

Johannes

1 Like
6

See my reply below. I hope it helps.

Best, Johannes

1 Like
7

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.