https://rancher.com/ logo
Title
a

alert-artist-3720

09/27/2022, 4:20 PM
Hi all, having some challenges getting Rancher Desktop working properly on macOS 12.6 on an M1 Pro. Weirdly, it worked just fine yesterday but after an update last night it’s crashing on:
client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUxrdFVIanh3NGhOWGluVW9WRVpmbTU0UjlrUXVnVW5DZUxCS1V5eTV4L0xvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFSmZCYU1nbEgwYmRJQ3NROWNoRUlPeDhzSXVlaTNWOVpVM3RZd2RhOXNUaGFuQWRpM0xjVQpoS2JrMVA0aVJuVVJxaTJjQ2dpK3lQaTBhU3FCYkFCRWtRPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=

2022-09-27T16:17:12.691Z: Error starting lima: Error: unable to verify the first certificate
    at TLSSocket.onConnectSecure (node:_tls_wrap:1530:34)
    at TLSSocket.emit (node:events:390:28)
    at TLSSocket._finishInit (node:_tls_wrap:944:8)
    at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:725:12) {
  code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'
}
f

fast-garage-66093

09/27/2022, 4:29 PM
Is there additional information in
~/Library/Logs/rancher-desktop/networking.log
?
a

alert-artist-3720

09/27/2022, 5:05 PM
No, just
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
...certificate verification successful.
f

fast-garage-66093

09/27/2022, 5:08 PM
It is hard to say, maybe looking through the full set of logs would help, but it may be easier to try both a "Factory Reset" (on the "Troubleshooting" page), and maybe even a reboot first, to see if that clears things up. Assuming you don't mind deleting the current VM, which contains all the images.
a

alert-artist-3720

09/27/2022, 5:10 PM
I’ve done all of the above actually. On the k8s logs i see:
ex.stderr: [I0927 12:29:51.413365   55050 versioner.go:58] Get "<https://127.0.0.1:6443/version?timeout=5s>": x509: certificate signed by unknown authority
Unable to connect to the server: x509: certificate signed by unknown authority
]
initially i thought that was another issue with my ~/.kube/conf, but removing that makes no difference
one thing is, i updated to macOS 12.6 last night, so it may have something to do with that.
f

fast-garage-66093

09/27/2022, 5:17 PM
I don't think that should change anything, but I'm just booting up a 12.6 machine to test. This is with RD 1.5.1 on an Intel Mac, right?
a

alert-artist-3720

09/27/2022, 5:19 PM
m1 mac
f

fast-garage-66093

09/27/2022, 5:19 PM
Are you running any proxy servers?
So there is no corporate networking stuff installed on the machine?
Working fine for me:
$ sw_vers
ProductName:	macOS
ProductVersion:	12.6
BuildVersion:	21G115
$ kubectl get po -A
NAMESPACE     NAME                                      READY   STATUS      RESTARTS   AGE
kube-system   helm-install-traefik-7v8cb                0/1     Completed   0          3d19h
kube-system   local-path-provisioner-58fb86bdfd-6899n   1/1     Running     1          3d19h
kube-system   svclb-traefik-qb6x8                       3/3     Running     3          3d19h
kube-system   metrics-server-6d684c7b5-nh56d            1/1     Running     1          3d19h
kube-system   coredns-d798c9dd-xmp9g                    1/1     Running     1          3d19h
kube-system   traefik-65bccdc4bd-cmh22                  1/1     Running     1          3d19h
a

alert-artist-3720

09/27/2022, 5:24 PM
okay thanks, maybe I have some deeper configuration issues. will try to debug more and report back if i learn anything
f

fast-garage-66093

09/27/2022, 5:24 PM
Can you double-check if any proxy settings got exported into the VM?
$ rdctl shell cat /etc/environment
#
# This file is parsed by pam_env module
#
# Syntax: simple "KEY=VAL" pairs on separate lines
#
#LIMA-START
#LIMA-END

$ rdctl shell sudo -i env | grep -i proxy
a

alert-artist-3720

09/27/2022, 5:25 PM
same as yours
actually while i say that there’s nothing substandard, i am using nix to set up my machine so it’s more likely to be a configuration issue through that
f

fast-garage-66093

09/27/2022, 5:25 PM
ok, so not a proxy issue. sorry, no other ideas right now
Please let me know if you figure it out. If possible we want to make RD robust to detect the issue and show a diagnostic
1
a

alert-artist-3720

09/27/2022, 7:09 PM
okay I think this is something to do with how Docker for Desktop was setup as well. When i removed that from my system thinks started working again.
admittedly, i was a bit heavy handed with the removal of that so it’s not necessarily the right move here
j

jolly-oyster-63031

10/04/2022, 6:27 AM
Hi, was this issue resolved? I’m facing same problem.
f

fast-garage-66093

10/04/2022, 6:29 AM
It sounds like the issue was resolved by uninstalling Docker Desktop
And also seemed related to using nix to manage the machine configuration