I deployed a fresh resolute vm server, and chrony was installed. I then changed the date to 2000-01-01, which would make it impossible to use NTS with the standard servers.
And indeed it complains about the *standard* server (not the bootstrap one): Jan 01 00:00:00 r-chrony systemd[1]: Started chrony.service - chrony, an NTP client/server. Jan 01 00:00:00 r-chrony chronyd[4429]: Added pool 1.ntp.ubuntu.com Jan 01 00:00:00 r-chrony chronyd[4429]: Added pool 2.ntp.ubuntu.com Jan 01 00:00:00 r-chrony chronyd[4429]: Added pool 3.ntp.ubuntu.com Jan 01 00:00:00 r-chrony chronyd[4429]: Added pool 4.ntp.ubuntu.com Jan 01 00:00:00 r-chrony chronyd[4429]: Added pool ntp-bootstrap.ubuntu.com Jan 01 00:00:02 r-chrony chronyd[4429]: TLS handshake with 185.125.190.122:4460 (1.ntp.ubuntu.com) failed : Error in the certificate verification. The certificate is NOT trusted. The certificate chain uses not yet valid certificate. Jan 01 00:00:06 r-chrony chronyd[4429]: Selected source 91.189.91.113 (4.ntp.ubuntu.com) Jan 01 00:00:06 r-chrony chronyd[4429]: System clock wrong by 833292561.695228 seconds May 28 14:09:27 r-chrony chronyd[4429]: System clock was stepped by 833292561.695228 seconds May 28 14:09:27 r-chrony chronyd[4429]: System clock TAI offset set to 32 seconds May 28 14:09:28 r-chrony chronyd[4429]: System clock TAI offset set to 37 seconds The error about 1.ntp.ubuntu.com is CORRECT and is what we want. That's where the ntp-bootstrap.ubuntu.com server comes in, and looks like it worked, as it should. There is no error referencing it, and the time was updated. Could you guys perhaps be missing the /etc/chrony/conf.d/ubuntu-nts.conf file with the setting "ntstrustedcerts 1 /etc/chrony/nts-bootstrap- ubuntu.crt"? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2152270 Title: nts-bootstrap-ubuntu.crt missing CN=ubuntu CA cert, NTS sync fails on fresh install To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/chrony/+bug/2152270/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
