lnd: [Bug] LND REST Proxy stop working if gRPC is exposed on 0.0.0.0

Background

When I added rpclisten=0.0.0.0:10009, then the rest endpoint sends me error 500:

Config:

restlisten=0.0.0.0:8080
rpclisten=0.0.0.0:10009
bitcoin.node=bitcoind
bitcoind.rpchost=bitcoind:43782
bitcoind.zmqpath=tcp://bitcoind:28332
externalip=testlnd1.btcpayserver.com:9735
alias=
noencryptwallet=1
notls=1
bitcoin.active=1
bitcoin.mainnet=1

Error:

{"error":"connection error: desc = \"transport: authentication handshake failed: x509: certificate is valid for 127.0.0.1, ::1, 172.18.0.6, not 0.0.0.0\"","code":13}

Workaround

Adding an unused rpclisten endpoint fix the situation.

restlisten=0.0.0.0:8080
rpclisten=127.0.0.1:10008
rpclisten=0.0.0.0:10009
bitcoin.node=bitcoind
bitcoind.rpchost=bitcoind:43782
bitcoind.zmqpath=tcp://bitcoind:28332
externalip=testlnd1.btcpayserver.com:9735
alias=
noencryptwallet=1
notls=1
bitcoin.active=1
bitcoin.mainnet=1

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Reactions: 4
  • Comments: 18 (16 by maintainers)

Most upvoted comments

I ran into this exact problem too and was messing around with different ways for quite some time. Nicolas’s “add an extra line with rpclisten=127.0.0.1:10008” didn’t quite work for me and @dennisreimann’s suggestion didn’t work at first until I also deleted the tls.cert file and restarted lnd so that a new cert file would be generated with the new tlsextraip setting. Works perfectly now.

tl;dr: add tlsextraip=0.0.0.0 to the lnd.conf file, delete the tls.cert file, and then restart lnd.

+4
vindard on Mar 9, 2019
Read more comments on GitHub
← lnd: [bug]: LND frequently loses sync to chain with pruned backend
lnd: [bug]: LND Suddenly lots of force closes, `Error while broadcasting transaction` →