ConnectionRefused when trying to connect with Thin-Edge client

Product/components used and version/fix level:

OS: Yocto Linux

Linux version 6.1.46-gnid (oe-user@oe-host) (aarch64-oe-linux-gcc (GCC) 11.4.0, GNU ld (GNU Binutils) 2.38.20220708)

Thin-Edge 1.2.0

Detailed explanation of the problem:

Trying to connect device to Cumulocity using a thin-edge client. Certificate upload is successful and I am able to see it in the Cumulocity web interface, but connection fails and gives “ConnectionRefused” error message (please see output from connect below).

Error messages / full error message screenshot / log file:

root@IRX200-K234500070:~# tedge connect c8y
The system config file ‘/etc/tedge/system.toml’ doesn’t exist. Using ‘/bin/systemctl’ as the default service manager

Detected mosquitto version >= 2.0.0
Checking if systemd is available.

Checking if configuration for requested bridge already exists.

Validating the bridge certificates.

Creating the device in Cumulocity cloud.

Saving configuration for requested bridge.

Restarting mosquitto service.

Awaiting mosquitto to start. This may take up to 5 seconds.

Enabling mosquitto service on reboots.

Successfully created bridge connection!

Sending packets to check connection. This may take up to 2 seconds.

ERROR: Io(Os { code: 111, kind: ConnectionRefused, message: “Connection refused” })
Warning: Bridge has been configured, but Cumulocity connection check failed.

Checking if tedge-mapper is installed.

Warning: tedge-mapper is not installed.

ERROR: Io(Os { code: 111, kind: ConnectionRefused, message: “Connection refused” })

Make sure mosquitto is running.
Failed to get the connected tenant URL from Cumulocity.

Enabling software management.

Checking if tedge-agent is installed.

Info: Software management is not installed. So, skipping enabling related components.

Question related to a free trial, or to a production (customer) instance?

Few things that might be interesting to check:

1. Are all 3 services up and running? sudo systemctl status mosquitto.service tedge-agent tedge-mapper-c8y (your log actually tells the mapper not being installed?)

2. Which steps did you take for installation?

3. Can you provide the output of tedge config list?

4. Test if your network allows outgoing traffic via MQTT (this is often restricted in e.g. office networks). I think you could try via telnet {your tenant url, e.g. example.cumulocity.com} 8883

5. Are you using a custom domain name for your tenant (Customizing your platform - Cumulocity IoT documentation)?

Hi,

Thanks for the quick reply!

1. Mosquitto is running, but tedge-mapper and tedge-agent are not, I suspect they are not installed

2. I installed using curl, more specifically this command:
   curl -fsSL https://thin-edge.io/install.sh | sh -s

3. tedge config list

device.id=IRX200-K234500070
device.key_path=/etc/tedge/device-certs/tedge-private-key.pem
device.cert_path=/etc/tedge/device-certs/tedge-certificate.pem
device.csr_path=/etc/tedge/device-certs/tedge.csr
device.type=thin-edge.io
c8y.url=devicecertification-nordicid.eu-latest.cumulocity.com
c8y.root_cert_path=/etc/ssl/certs
c8y.smartrest.templates=[]
c8y.http=devicecertification-nordicid.eu-latest.cumulocity.com:443
c8y.mqtt=devicecertification-nordicid.eu-latest.cumulocity.com:8883
c8y.topics=["te/+/+/+/+", "te/+/+/+/+/twin/+", "te/+/+/+/+/m/+", "te/+/+/+/+/e/+", "te/+/+/+/+/a/+", "te/+/+/+/+/status/health"]
c8y.enable.log_upload=true
c8y.enable.config_snapshot=true
c8y.enable.config_update=true
c8y.enable.firmware_update=false
c8y.proxy.bind.address=127.0.0.1
c8y.proxy.bind.port=8001
c8y.proxy.client.host=127.0.0.1
c8y.proxy.client.port=8001
c8y.bridge.include.local_cleansession=auto
c8y.bridge.topic_prefix=c8y
c8y.entity_store.auto_register=true
c8y.entity_store.clean_start=true
c8y.software_management.api=legacy
c8y.software_management.with_types=false
c8y.operations.auto_log_upload=on-failure
c8y.availability.enable=true
c8y.availability.interval=60m
az.root_cert_path=/etc/ssl/certs
az.mapper.timestamp=true
az.mapper.timestamp_format=unix
az.topics=["te/+/+/+/+/m/+", "te/+/+/+/+/e/+", "te/+/+/+/+/a/+", "te/+/+/+/+/status/health"]
aws.root_cert_path=/etc/ssl/certs
aws.mapper.timestamp=true
aws.mapper.timestamp_format=unix
aws.topics=["te/+/+/+/+/m/+", "te/+/+/+/+/e/+", "te/+/+/+/+/a/+", "te/+/+/+/+/status/health"]
mqtt.topic_root=te
mqtt.device_topic_id=device/main//
mqtt.bind.address=127.0.0.1
mqtt.bind.port=1883
mqtt.client.host=127.0.0.1
mqtt.client.port=1883
mqtt.bridge.built_in=false
mqtt.bridge.reconnect_policy.initial_interval=30s
mqtt.bridge.reconnect_policy.maximum_interval=10m
mqtt.bridge.reconnect_policy.reset_window=5m
http.bind.port=8000
http.bind.address=127.0.0.1
http.client.port=8000
http.client.host=127.0.0.1
agent.state.path=/data/tedge/agent
agent.enable.config_update=true
agent.enable.config_snapshot=true
agent.enable.log_upload=true
software.plugin.max_packages=1000
run.path=/run
run.lock_files=true
run.log_memory_interval=0
logs.path=/var/log/tedge
tmp.path=/tmp
data.path=/var/tedge
firmware.child.update.timeout=1h
service.type=service
service.timestamp_format=unix
apt.dpk.options.config=keepold
sudo.enable=true

4. Connection seems to be working OK:

root@IRX200-K234500070:~# telnet ***-***.eu-latest.cumulocity.com 8883
Connected to ***-***.eu-latest.cumulocity.com
Connection closed by foreign host

5. According to the instructions and test described (script below) in thin-edge website (can’t post links for some reason), it is not a custom domain. The tenant is provided to us for evaluation/device certification purposes.

curl -sfL https://example.eu-latest.com/tenant/loginOptions | jq -r '.loginOptions[] | select(.loginRedirectDomain) | .loginRedirectDomain'

This seems to be solved. The problem was that our mosquitto service was started with a configuration that had no idea about thin-edge/Cumulocity, so I just needed to add the tedge configuration file path to /etc/mosquitto/mosquitto.conf as include_dir, like so:

include_dir /etc/tedge/mosquitto-conf