mTLS certificates broken #4278

@Foosec

Describe the problem

It seems something went wrong when implementing multiple profiles (great feature addition, btw!).
The certificate isn't sent to the IdP and thus fails to parse its response.

To Reproduce

Steps to reproduce the behavior:

  1. Use an IdP with mTLS
  2. Try to connect

Expected behavior

Send the ClientCert to the IDP

Are you using NetBird Cloud?

No

NetBird version

netbird-ui-0.52.2-1.x86_64
netbird-0.52.2-1.x86_64

Is any other VPN software installed?

No

Debug output

2025-08-02T16:48:49+02:00 INFO client/cmd/service_controller.go:27: starting Netbird service
2025-08-02T16:48:49+02:00 INFO client/cmd/service_controller.go:74: started daemon server: /var/run/netbird.sock
2025-08-04T11:06:40+02:00 INFO client/cmd/service_controller.go:27: starting Netbird service
2025-08-04T11:06:40+02:00 INFO client/cmd/service_controller.go:74: started daemon server: /var/run/netbird.sock
2025-08-04T14:44:08+02:00 INFO client/server/server.go:477: active profile: default for
2025-08-04T14:44:09+02:00 ERRO management/client/grpc.go:349: failed to login to Management Service: rpc error: code = PermissionDenied desc = peer login has expired, please log in once more
2025-08-04T14:44:09+02:00 WARN client/server/server.go:310: failed login: rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2025-08-04T14:44:13+02:00 ERRO client/server/server.go:626: waiting for browser login failed: PKCE authorization flow failed: oauth2: cannot parse json: invalid character '<' looking for beginning of value
2025-08-04T14:45:02+02:00 INFO client/internal/profilemanager/config.go:479: Loaded client mTLS cert/key pair

Screenshots

If applicable, add screenshots to help explain your problem.

Additional context

I'm the original contributor for mTLS. I just quickly overlooked the changes and didn't notice anything breaking right off the bat.
If the author notices an issue quickly, I'll be glad; otherwise I'll take some time in the coming days to debug it myself and get a PR going.

Add any other context about the problem here.

Have you tried these troubleshooting steps?

  • Reviewed client troubleshooting (if applicable)
  • Checked for newer NetBird versions
  • Searched for similar issues on GitHub (including closed ones)
  • Restarted the NetBird client
  • Disabled other VPN software
  • Checked firewall settings
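
The `invalid character '<' looking for beginning of value` error in the debug output is what Go's JSON decoder reports when a token request gets an HTML page back instead of JSON. The following added example (not part of the issue and not NetBird's code) reproduces that symptom against a local stand-in endpoint and shows it disappear once the HTTP client's TLS config carries a certificate. The `newIdP` and `fetchToken` names, the endpoint behaviour and the token value are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// newIdP starts a stand-in token endpoint (hypothetical) that returns JSON only when
// the handshake carried a client certificate, and an HTML error page otherwise.
func newIdP() *httptest.Server {
	srv := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if len(r.TLS.PeerCertificates) == 0 {
			fmt.Fprint(w, "<html><body>client certificate required</body></html>")
			return
		}
		fmt.Fprint(w, `{"access_token":"constructed-sample-token"}`)
	}))
	srv.TLS = &tls.Config{ClientAuth: tls.RequestClientCert}
	srv.StartTLS()
	return srv
}

// fetchToken posts to the endpoint; withCert decides whether the client's TLS config holds a certificate.
func fetchToken(withCert bool) (string, error) {
	srv := newIdP()
	defer srv.Close()
	client := srv.Client() // already trusts the test server's certificate
	if withCert {
		// Constructed shortcut: reuse the test server's key pair as the client certificate.
		client.Transport.(*http.Transport).TLSClientConfig.Certificates = srv.TLS.Certificates
	}
	resp, err := client.Post(srv.URL, "application/x-www-form-urlencoded", nil)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	var tok map[string]string
	err = json.NewDecoder(resp.Body).Decode(&tok)
	return tok["access_token"], err
}

func main() {
	for _, withCert := range []bool{false, true} {
		tok, err := fetchToken(withCert)
		fmt.Printf("client cert sent=%v token=%q err=%v\n", withCert, tok, err)
	}
}
```

A loaded key pair only helps if it is set on the `tls.Config` of the HTTP client that actually performs the token exchange; the same check can be pointed at any client under test by swapping in its transport.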
