Can no longer access my SB from browsers - help please
Silverbullet running on a Raspberry Pi5 (Ubuntu) in a Docker container as per the guides
SB_USER credentials specified
Enabled automatic upgrades with watchtower
Tailscale setup for access (from within my Tailscale VPN) using tailscale serve
Enabled HTTPS and provisioned TLS certificate for my Pi using this guide
Certificate is valid and not expired
My Pi and PC (and phone) are all listed and shown connected in the Tailscale console
I was able to access SB from my Windows 11 machine using Chrome - that’s where I was starting to learn SB scripting
Then a few weeks ago I get the following browser error message:
The connection for this site is not secure
[IP Address] sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
I am unable proceed past this point. Same with Edge & DDG
I see nothing in the browser console, I have tried local IP address port 3000 and
Tailscale IP address:3000. Tailscale is running on Pi and Windows machine. I have restarted and rebooted everything.
I can access SB on the Pi from my Android phone running Tailscale (over wireless LAN, or Cellular from outside my LAN) using DuckDuckGo. I can read and write files from my phone to my SB space no problem.
But I am unable to access SB from a browser using a PC that is on the same physical network. I have searched these discussion topics and documentation for days without making progress. This seems like an IT Admin / SSL issue rather than an issue with SB, but I am at a loss. What am I missing please?
This sounds like perhaps your tailscale authentication may have expired? Can you see if you can find tailscale logs somewhere, or try to authenticate tailscale again on whichever machine you run and expose SilverBullet from?
Looks like I can only get network traffic logs on the Tailscale Premium plan.
Don’t know if any of this is relevant, but:
From my Tailscale Admin console / Machine details:
Android phone - from which I can access my self-hosted Silverbullet via Tailscale Win 11 PC - from which I cannot access my self-hosted Silverbullet
Tailscale Machine Details show the following for both:
Last seen = Connected
Key expiry = 4 months from now
TLS Certificate / Status = No certificate found
(I only created a TLS cert for the Pi hosting Docker & Silverbullet)
Client Connectivity
Varies No
IPv6 No
UDP Yes
UPnP No
PCP No
NAT-PMP No
RaspberryPi5 - hosting Silverbullet
Last seen = Connected
Key expiry = 4 months from now
TLS Certificate Status = Valid until 3 months from now
Client Connectivity
Varies Yes (“Whether the machine is behind a difficult NAT that varies the machine’s IP address depending on the destination.”)
IPv6 No
UDP Yes
UPnP No
PCP No
NAT-PMP No
This is really my first serious attempt at self-hosting. Maybe I’m missing something fundamental? It just worked so well to be able to use Silverbullet from my laptop - for weeks. Then it stopped working, something changed, I just have not figured out what - yet
I also redid my tailscale cert (sudo tailscale cert [machine name]) on the Pi I’m running SB from
Cleared browser cache on the client PC and tried an Incognito window
I can always access my Silverbullet from my Android phone, but I now only get ERR_SSL_PROTOCOL_ERROR when trying to access the same address & content from my Windows machine.
(I also tried disabling the firewall on the Windows machine, and see no relevant log entries there either)
I realized I was able to access Silverbullet from the PWA on my phone, but when I replicated how I was trying to access SB from my laptop - i.e. from a browser, I hit the same error. Sometimes I would get {“redirect”:“/”,“status”:“ok”} in the browser but then the same SSL error.
Today I did three things; I don’t think either of the first two did anything to change my issue:
moved my *.crt and *.key files from the folder containing my space folder, into my space folder.
re-ran sudo tailscale serve --bg 3000. Cruicially this returned my tailscale url and reminded me I could try accessing my server this way instead
For the first time I then tried accessing SB via my tailscale url, authenticated, and success!
I have access back
Before this I was only using the Tailscale IP address or the local IP address of my server (both port 3000). These approaches used to work fine to access SB, but then at some point this approach stopped working and only generated the SSL error.
I never tried using the Tailscale-generated URL before. Sorry for my lack of understanding of Tailscale Serve, thank you for pointing me in the right direction!
