github-starred/barrier
2
0
Fork 0
mirror of https://github.com/debauchee/barrier.git synced 2026-05-15 14:16:02 -06:00
Code Issues 1.0k Projects Packages Wiki Activity Actions

[GH-ISSUE #1952] ERROR: ssl certificate doesn't exist: C:\Users\xxxx\AppData\Local\Barrier\SSL\Barrier.pem #1424

New issue
Open
opened 2026-05-05 07:49:53 -06:00 by gitea-mirror · 10 comments
gitea-mirror commented 2026-05-05 07:49:53 -06:00
Owner
Copy link

Originally created by @411621 on GitHub (Jul 7, 2023).
Original GitHub issue: https://github.com/debauchee/barrier/issues/1952

What happened?

On desktop and on laptop same error:
ERROR: ssl certificate doesn't exist: C:\Users\xxxx\AppData\Local\Barrier\SSL\Barrier.pem

Version

v2.4.0

Git commit hash (if applicable)

No response

If applicable, where did you install Barrier from?

Chocolately

What OSes are you seeing the problem on? (Check all that apply)

Windows

What OS versions are you using?

22H2 19045.3155

Relevant log output

1] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem
[2023-07-07T15:26:47] INFO: OpenSSL 1.0.2l  25 May 2017
[2023-07-07T15:26:47] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem
[2023-07-07T15:27:03] INFO: OpenSSL 1.0.2l  25 May 2017
[2023-07-07T15:27:03] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem
[2023-07-07T15:27:19] INFO: OpenSSL 1.0.2l  25 May 2017
[2023-07-07T15:27:19] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem
[2023-07-07T15:27:35] INFO: OpenSSL 1.0.2l  25 May 2017
[2023-07-07T15:27:35] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem
[2023-07-07T15:27:51] INFO: OpenSSL 1.0.2l  25 May 2017
[2023-07-07T15:27:51] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem
server status: active

Any other information

Barrier.pem does not exist

Originally created by @411621 on GitHub (Jul 7, 2023). Original GitHub issue: https://github.com/debauchee/barrier/issues/1952 ### What happened? On desktop and on laptop same error: ERROR: ssl certificate doesn't exist: C:\Users\xxxx\AppData\Local\Barrier\SSL\Barrier.pem ### Version v2.4.0 ### Git commit hash (if applicable) _No response_ ### If applicable, where did you install Barrier from? Chocolately ### What OSes are you seeing the problem on? (Check all that apply) Windows ### What OS versions are you using? 22H2 19045.3155 ### Relevant log output ```shell 1] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem [2023-07-07T15:26:47] INFO: OpenSSL 1.0.2l 25 May 2017 [2023-07-07T15:26:47] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem [2023-07-07T15:27:03] INFO: OpenSSL 1.0.2l 25 May 2017 [2023-07-07T15:27:03] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem [2023-07-07T15:27:19] INFO: OpenSSL 1.0.2l 25 May 2017 [2023-07-07T15:27:19] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem [2023-07-07T15:27:35] INFO: OpenSSL 1.0.2l 25 May 2017 [2023-07-07T15:27:35] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem [2023-07-07T15:27:51] INFO: OpenSSL 1.0.2l 25 May 2017 [2023-07-07T15:27:51] ERROR: ssl certificate doesn't exist: C:\Users\Robert\AppData\Local\Barrier\SSL\Barrier.pem server status: active ``` ### Any other information Barrier.pem does not exist
gitea-mirror commented 2026-05-05 07:49:55 -06:00
Author
Owner
Copy link

@mml commented on GitHub (Jul 8, 2023):

I am getting essentially the same message on Debian Bookworm running 2.4.0. Barrier worked fine on Debian bullseye (this was apparently 2.3.3).

<!-- gh-comment-id:1627507568 --> @mml commented on GitHub (Jul 8, 2023): I am getting essentially the same message on Debian Bookworm running 2.4.0. Barrier worked fine on Debian bullseye (this was apparently 2.3.3).
gitea-mirror commented 2026-05-05 07:49:56 -06:00
Author
Owner
Copy link

@NaokiS28 commented on GitHub (Jul 14, 2023):

I was getting the same error on macOS Ventura and Windows 11. If its an acceptable workaround in your case, you can disable SSL by opening barrier's settings and unchecking "Use SSL". I did that on both machines and it works again. I understand its less secure but then in a private instance it's probably fine

<!-- gh-comment-id:1635644751 --> @NaokiS28 commented on GitHub (Jul 14, 2023): I was getting the same error on macOS Ventura and Windows 11. If its an acceptable workaround in your case, you can disable SSL by opening barrier's settings and unchecking "Use SSL". I did that on both machines and it works again. I understand its less secure but then in a private instance it's probably fine
gitea-mirror commented 2026-05-05 07:49:57 -06:00
Author
Owner
Copy link

@tralves commented on GitHub (Jul 15, 2023):

Hi! I have SSL Fingerprint: Disabled both on MacOS and Win 11 and I have the same error.

<!-- gh-comment-id:1636571477 --> @tralves commented on GitHub (Jul 15, 2023): Hi! I have `SSL Fingerprint: Disabled` both on MacOS and Win 11 and I have the same error.
gitea-mirror commented 2026-05-05 07:49:57 -06:00
Author
Owner
Copy link

@Pegase01 commented on GitHub (Jul 17, 2023):

same for me between 2 mac
Mac OS Monterey 12.6.7 et MAC OS Ventura 13.4.1 (ARM)
Not able to deactivate SSL but this should not be the problem.
Application Support/barrier/ssl doesn't contain any certificate

  • I have a failed to connect secure socket with SSL error occured
<!-- gh-comment-id:1637616025 --> @Pegase01 commented on GitHub (Jul 17, 2023): same for me between 2 mac Mac OS Monterey 12.6.7 et MAC OS Ventura 13.4.1 (ARM) Not able to deactivate SSL but this should not be the problem. Application Support/barrier/ssl doesn't contain any certificate + I have a failed to connect secure socket with SSL error occured
gitea-mirror commented 2026-05-05 07:49:58 -06:00
Author
Owner
Copy link

@videoMonkey commented on GitHub (Aug 9, 2023):

I was experiencing this on my linux debian bookworm flatpak and my windows 10 computer. I dont know why, but I found some clues in this thread that led me to be able to resolve it on both platforms. On the arch wiki linked above it says

Note: Barrier v2.4.0 introduced a new keyfile format, which requires a SHA256 fingerprint and "v2:sha256:$fingerprint" formatted lines. For older versions, make sure the fingerprints are SHA1 and do not include a prefix.

and proceed to suggest the following commands

$ mkdir -p ~/.local/share/barrier/SSL/Fingerprints;
$ openssl req -x509 -nodes -days 365 -subj /CN=Barrier -newkey rsa:4096 -keyout ~/.local/share/barrier/SSL/Barrier.pem -out ~/.local/share/barrier/SSL/Barrier.pem;
$ fingerprint=$(openssl x509 -fingerprint -sha256 -noout -in ~/.local/share/barrier/SSL/Barrier.pem | cut -d"=" -f2);
$ echo "v2:sha256:$fingerprint" > ~/.local/share/barrier/SSL/Fingerprints/Local.txt;

being on flatpak I had to change ~/.local/share/barrier/SSL/ to the one I found listed in the barrier logs in all the commands. I don't remember what it was at this point.

Windows was a little tricker, I had to download the openssl.cnf from this repo and copy it to C:\OpenSSL\ssl\openssl.cnf and then I ran the following command

& 'C:\Program Files\Barrier\openssl.exe' req -x509 -nodes -days 365 -subj /CN=Barrier -newkey rsa:4096 -keyout "C:\Users\<user>\AppData\Local\Barrier\SSL\Barrier.pem" -out "C:\Users\<user>\AppData\Local\Barrier\SSL\Barrier.pem"

now things are working. I don't know why cert gen isn't working, in this release, that would be the real solution, but until then, this is what I did to get things going. I am using this at the office network with ~20 other users on the network and I don't want my input unencrypted.

<!-- gh-comment-id:1670932122 --> @videoMonkey commented on GitHub (Aug 9, 2023): I was experiencing this on my linux debian bookworm flatpak and my windows 10 computer. I dont know why, but I found some clues in this thread that led me to be able to resolve it on both platforms. On the [arch wiki](https://wiki.archlinux.org/title/Input_Leap#Set_up_encryption_on_server) linked above it says > Note: Barrier v2.4.0 introduced a new keyfile format, which requires a SHA256 fingerprint and "v2:sha256:$fingerprint" formatted lines. For older versions, make sure the fingerprints are SHA1 and do not include a prefix. and proceed to suggest the following commands ``` $ mkdir -p ~/.local/share/barrier/SSL/Fingerprints; $ openssl req -x509 -nodes -days 365 -subj /CN=Barrier -newkey rsa:4096 -keyout ~/.local/share/barrier/SSL/Barrier.pem -out ~/.local/share/barrier/SSL/Barrier.pem; $ fingerprint=$(openssl x509 -fingerprint -sha256 -noout -in ~/.local/share/barrier/SSL/Barrier.pem | cut -d"=" -f2); $ echo "v2:sha256:$fingerprint" > ~/.local/share/barrier/SSL/Fingerprints/Local.txt; ``` being on flatpak I had to change ` ~/.local/share/barrier/SSL/` to the one I found listed in the barrier logs in all the commands. I don't remember what it was at this point. Windows was a little tricker, I had to download the `openssl.cnf ` from this repo and copy it to `C:\OpenSSL\ssl\openssl.cnf` and then I ran the following command `& 'C:\Program Files\Barrier\openssl.exe' req -x509 -nodes -days 365 -subj /CN=Barrier -newkey rsa:4096 -keyout "C:\Users\<user>\AppData\Local\Barrier\SSL\Barrier.pem" -out "C:\Users\<user>\AppData\Local\Barrier\SSL\Barrier.pem"` now things are working. I don't know why cert gen isn't working, in this release, that would be the real solution, but until then, this is what I did to get things going. I am using this at the office network with ~20 other users on the network and I don't want my input unencrypted.
gitea-mirror commented 2026-05-05 07:49:59 -06:00
Author
Owner
Copy link

@Amagnum commented on GitHub (Aug 26, 2023):

The above one works! Just make sure to write the commands correctly!

<!-- gh-comment-id:1694507947 --> @Amagnum commented on GitHub (Aug 26, 2023): The above one works! Just make sure to write the commands correctly!
gitea-mirror commented 2026-05-05 07:50:00 -06:00
Author
Owner
Copy link

@Pegase01 commented on GitHub (Aug 28, 2023):

The above one works! Just make sure to write the commands correctly!

I do confirm : it works 👍 !
thanks @videoMonkey and @Amagnum

the only think was that barrier didn't accept to run anymore (but I migrated my OS from Monterey to Ventura in between) - it was just starting and disappearing.
I had to do another copy of the barrier.app from the downloaded .dmg to Application Folder and to follow this post : https://github.com/debauchee/barrier/issues/1945
Now SSL is enabled on my server (I should finish the test when I will my other computer back).

<!-- gh-comment-id:1695962433 --> @Pegase01 commented on GitHub (Aug 28, 2023): > The above one works! Just make sure to write the commands correctly! I do confirm : it works 👍 ! thanks @videoMonkey and @Amagnum the only think was that barrier didn't accept to run anymore (but I migrated my OS from Monterey to Ventura in between) - it was just starting and disappearing. I had to do another copy of the barrier.app from the downloaded .dmg to Application Folder and to follow this post : https://github.com/debauchee/barrier/issues/1945 Now SSL is enabled on my server (I should finish the test when I will my other computer back).
gitea-mirror commented 2026-05-05 07:50:01 -06:00
Author
Owner
Copy link

@gbicann commented on GitHub (Sep 6, 2023):

A macOS workaround is here.

<!-- gh-comment-id:1708687856 --> @gbicann commented on GitHub (Sep 6, 2023): A macOS workaround is [here](https://github.com/debauchee/barrier/issues/1945#issuecomment-1708685845).
gitea-mirror commented 2026-05-05 07:50:03 -06:00
Author
Owner
Copy link

@hi-ko commented on GitHub (Oct 18, 2023):

on windows just use ssl generate powershell script from https://github.com/debauchee/barrier/issues/1377#issuecomment-1593695744 to generate the missing ssl cert:

$cert = New-SelfSignedCertificate -DnsName Barrier -KeyExportPolicy Exportable

# Public key to Base64
$CertBase64 = [System.Convert]::ToBase64String($cert.RawData, 'InsertLineBreaks')

# Private key to Base64
$RSACng = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
$KeyBytes = $RSACng.Key.Export([System.Security.Cryptography.CngKeyBlobFormat]::Pkcs8PrivateBlob)
$KeyBase64 = [System.Convert]::ToBase64String($KeyBytes, [System.Base64FormattingOptions]::InsertLineBreaks)

# Put it all together
$Pem = @"
-----BEGIN PRIVATE KEY-----
$KeyBase64
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
$CertBase64
-----END CERTIFICATE-----
"@

# Output to file
$Pem | Out-File -FilePath $env:LOCALAPPDATA\Barrier\SSL\Barrier.pem -Encoding Ascii
<!-- gh-comment-id:1769267518 --> @hi-ko commented on GitHub (Oct 18, 2023): on windows just use ssl generate powershell script from https://github.com/debauchee/barrier/issues/1377#issuecomment-1593695744 to generate the missing ssl cert: ```ps1 $cert = New-SelfSignedCertificate -DnsName Barrier -KeyExportPolicy Exportable # Public key to Base64 $CertBase64 = [System.Convert]::ToBase64String($cert.RawData, 'InsertLineBreaks') # Private key to Base64 $RSACng = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert) $KeyBytes = $RSACng.Key.Export([System.Security.Cryptography.CngKeyBlobFormat]::Pkcs8PrivateBlob) $KeyBase64 = [System.Convert]::ToBase64String($KeyBytes, [System.Base64FormattingOptions]::InsertLineBreaks) # Put it all together $Pem = @" -----BEGIN PRIVATE KEY----- $KeyBase64 -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- $CertBase64 -----END CERTIFICATE----- "@ # Output to file $Pem | Out-File -FilePath $env:LOCALAPPDATA\Barrier\SSL\Barrier.pem -Encoding Ascii ```
gitea-mirror commented 2026-05-05 07:50:04 -06:00
Author
Owner
Copy link

@jhgorse commented on GitHub (Oct 31, 2023):

Duplicate. #231

See this comment for the known fixes: https://github.com/debauchee/barrier/issues/231#issuecomment-1143791895

<!-- gh-comment-id:1787677085 --> @jhgorse commented on GitHub (Oct 31, 2023): Duplicate. #231 See this comment for the known fixes: https://github.com/debauchee/barrier/issues/231#issuecomment-1143791895
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
enhancement/builds/windows-multi-versions-build
martin-furter-barrier-term
enhancement/builds/macos-universal
enhancement/builds/macos-universal-qt6-test
2.3.x
fix/lang-translation/ssl-slash-tls
feature/build/compile/32-bit
feature/build/compile/armv7
testing-framework
README-update
remotes/fork/README-update
remotes/fork/smartzeroconf
smartzeroconf
pages-devel
remotes/fork/pages-devel
pkgconfig
remotes/fork/pkgconfig
release
remotes/fork/release
v2.4.0
v2.3.4
v2.3.3
1.11.0-stable
v1.11.0-rc2
v2.3.2
v1.10.3-stable
v2.3.2-alpha
v2.3.1
v2.3.0
v1.10.2-stable
v1.10.2-rc1
v1.10.2-rc2
v2.1.2
v2.0.8-beta
v2.0.7-beta
v2.0.4-beta
v2.0.3-beta
v2.1.1
v2.1.0
v1.9.1-stable
v2.0.0
v1.9.0-stable
v2.0.0-RC2
v2.0.0-RC1
v2.0.0-stable
v1.8.8-stable
v1.8.7-stable
v1.8.6-stable
v1.8.5-stable
v1.8.4-stable
v1.8.3-stable
v1.8.1-stable
v1.8.0-beta
v1.7.3-stable
v1.7.2-stable
v1.7.1-stable
1.7.0
1.6.3-final
1.6.2
1.6.1
1.6.0
Labels
Clear labels   
HiDPI

   
bounty

   
bsd/freebsd

   
bsd/openbsd

   
bug

   
bug

   
build-infra

   
cantfix

   
critical

   
doc

   
duplicate

   
enhancement

   
fix-available

   
from git

   
from release

   
good first issue

   
help wanted

   
installer/package

   
invalid

   
linux

   
macOS

   
meta

   
needs testing

   
pull-request

Mirrored from GitHub Pull Request

  
query

   
question

   
regression

   
regression

   
v2.4.0

   
windows

   
wontfix

   
work-in-progress
No labels
HiDPI
bounty
bsd/freebsd
bsd/openbsd
bug
bug
build-infra
cantfix
critical
doc
duplicate
enhancement
fix-available
from git
from release
good first issue
help wanted
installer/package
invalid
linux
macOS
meta
needs testing
pull-request
query
question
regression
regression
v2.4.0
windows
wontfix
work-in-progress
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/barrier#1424
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?