Local won't turn on - Log says Regenerating Certificates

In rare circumstances, Local will have problems turning on, with the main screen hanging at the “Checking System” page.

One possible reason for this is due to Local not being able to make a reliable connection to the Virtual Machine. You can verify that this is what is going on by examining the Local log which is found by following these instructions: https://local.getflywheel.com/community/t/how-do-i-retrieve-locals-log-file/3720

If there are issues with Local generating those certificates, you will often see lines similar to this:

Dec 28, 2018, 1:52 PM PST - info: [main/check-system] Check System: Docker Machine:  
{ stdout: 'Running\n', stderr: '' }
Dec 28, 2018, 1:52 PM PST - info: [main/set-docker-env] Getting Docker Machine env.
Dec 28, 2018, 1:52 PM PST - info: [main/set-docker-env] Received Docker Machine env. 
Dec 28, 2018, 1:52 PM PST - warn: [main/set-docker-env] Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.75.100:2376": dial tcp 192.168.75.100:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.


Dec 28, 2018, 1:52 PM PST - info: [main/set-docker-env] Going to regen machine certs.
Dec 28, 2018, 1:52 PM PST - info: [renderer/RegenMachineCertsPage] Regenerating Machine Certificates.
Dec 28, 2018, 1:52 PM PST - info: [renderer/CheckEnvPage] Check system promise response: 
[ undefined, 'invalid-certs' ]
Dec 28, 2018, 1:53 PM PST - info: [renderer/RegenMachineCertsPage] Regenerate machine cert response. 
Error {
  error:
   Error {
     message:
      'Command failed: "/Applications/Local by Flywheel.app/Contents/Resources/extraResources/virtual-machine/vendor/docker/osx/docker-machine" regenerate-certs -f local-by-flywheel\nUnable to verify the Docker daemon is listening: Maximum number of retries (10) exceeded\n',
     killed: false,
     code: 1,
     signal: null,
     cmd:
      '"/Applications/Local by Flywheel.app/Contents/Resources/extraResources/virtual-machine/vendor/docker/osx/docker-machine" regenerate-certs -f local-by-flywheel',
     name: 'Error' },
  stdout:
   'Regenerating TLS certificates\nWaiting for SSH to be available...\nDetecting the provisioner...\n',
  stderr:
   'Unable to verify the Docker daemon is listening: Maximum number of retries (10) exceeded\n' }
Dec 28, 2018, 1:53 PM PST - info: [main/check-system] Check System: Docker Machine:  
Error { stdout: 'Running\n', stderr: '' }
Dec 28, 2018, 1:53 PM PST - info: [main/set-docker-env] Getting Docker Machine env.
Dec 28, 2018, 1:53 PM PST - info: [main/check-system] Check System: Docker Machine:  
Error { stdout: 'Running\n', stderr: '' }
Dec 28, 2018, 1:53 PM PST - info: [main/set-docker-env] Getting Docker Machine env.
Dec 28, 2018, 1:53 PM PST - info: [main/set-docker-env] Received Docker Machine env. 
Dec 28, 2018, 1:53 PM PST - warn: [main/set-docker-env] Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.75.100:2376": dial tcp 192.168.75.100:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.


Dec 28, 2018, 1:53 PM PST - info: [main/set-docker-env] Going to regen machine certs.
Dec 28, 2018, 1:53 PM PST - info: [renderer/RegenMachineCertsPage] Regenerating Machine Certificates.
Dec 28, 2018, 1:53 PM PST - info: [main/set-docker-env] Received Docker Machine env. 
Dec 28, 2018, 1:53 PM PST - warn: [main/set-docker-env] Error checking TLS connection: Error checking and/or regenerating the certs: There was an error validating certificates for host "192.168.75.100:2376": dial tcp 192.168.75.100:2376: i/o timeout
You can attempt to regenerate them using 'docker-machine regenerate-certs [name]'.
Be advised that this will trigger a Docker daemon restart which might stop running containers.


Dec 28, 2018, 1:53 PM PST - info: [main/set-docker-env] Going to regen machine certs.
Dec 28, 2018, 1:53 PM PST - info: [renderer/CheckEnvPage] Check system promise response: 
[ undefined, 'invalid-certs' ]
Dec 28, 2018, 1:54 PM PST - info: [renderer/RegenMachineCertsPage] Regenerate machine cert response. 
Error {
  error:
   Error {
     message:
      'Command failed: "/Applications/Local by Flywheel.app/Contents/Resources/extraResources/virtual-machine/vendor/docker/osx/docker-machine" regenerate-certs -f local-by-flywheel\nUnable to verify the Docker daemon is listening: Maximum number of retries (10) exceeded\n',
     killed: false,
     code: 1,
     signal: null,
     cmd:
      '"/Applications/Local by Flywheel.app/Contents/Resources/extraResources/virtual-machine/vendor/docker/osx/docker-machine" regenerate-certs -f local-by-flywheel',
     name: 'Error' },
  stdout:
   'Regenerating TLS certificates\nWaiting for SSH to be available...\nDetecting the provisioner...\n',
  stderr:
   'Unable to verify the Docker daemon is listening: Maximum number of retries (10) exceeded\n' }

Note that it goes in waves and follows a general pattern of:

  1. Trying to connect to the VM
  2. Unable to connect, so trying regenerate those certificates
  3. Regenerating the certs causes another error, so try it again

Understanding the problem

Remember that the general problem that is being encountered is that Local is having trouble creating a secure connection to the Virtual Machine.

A couple of things to think through and troubleshoot:

  1. Has anything changed recently in relation to the network settings for your computer?
  2. Any recent changes to the WiFi settings or LAN?
  3. Is a VPN in use that is preventing a connection to the Local Virtual Machine?
  4. Restart the computer, and try disabling WiFi, then start Local – does Local turn on?

If you are sure that there isn’t an issue with the LAN or the computer’s network settings, then it’s likely something that needs fixing with the VM.

Fixing the VM

The general fix falls into two main solutions:

  1. If you don’t mind starting from scratch, stop Local, delete the VM from within Virtual Box and restart Local to create a new VM
  2. Manually remove the old certs and manually regenerate them

The first option is pretty drastic, but it’s also the quickest and easiest way to get back to a working installation. If you aren’t too concerned about losing data, I would recommend that approach.

The second option is the one outlined in this Forum post:

https://local.getflywheel.com/community/t/regenerating-docker-machine-tls-certificate-checking-system-wont-start/5235/8?u=ben.turner

Thanks!

Special thanks for @richb-hanover for pushing for more authoritative documentation on this, as well as writing a blog post on the issue: http://richb-hanover.com/local-by-flywheel-wont-start-because-its-regenerating-docker-machine-tls-certificates/

Thanks to @Doug for pointing out the ways in which a VPN and networking issues, in general, can cause this issue to occur: https://local.getflywheel.com/community/t/regenerating-docker-machine-tls-certificate-checking-system-wont-start/5235/26?u=ben.turner

2 Likes