LND gRPC TLS Certificate Error -- Fix Handshake Failures

LND Troubleshooting Guide

Common TLS Errors

transport: authentication handshake failed
tls: failed to verify certificate
could not load TLS credentials

Regenerate TLS Certificate

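Stop LND, delete the old certificate and key, then restart. Every client that holds a copy of the old tls.cert needs the new one afterwards (see Copy TLS Cert to Client):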

systemctl stop lnd
rm ~/.lnd/tls.cert ~/.lnd/tls.key
systemctl start lnd

Add Extra IP to TLS Cert

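Add the IP address or domain name that clients connect to in lnd.conf, then regenerate the certificate so the new entries are included: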

[Application Options]
tlsextraip=1.2.3.4
tlsextradomain=mynode.example.com

Copy TLS Cert to Client

scp user@node:~/.lnd/tls.cert ./tls.cert
lncli --tlscertpath=./tls.cert --rpcserver=node-ip:10009 getinfo

REST API with TLS

curl --cacert ~/.lnd/tls.cert -H Grpc-Metadata-macaroon:MACAROON https://localhost:8080/v1/getinfo

Certificate Expired

LND TLS certs do not auto-rotate. Delete tls.cert and tls.key, then restart LND to regenerate.
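
As an added example (not part of the original guide or of LND), the shell function below uses the standard openssl x509 checks to tell which fix from this page applies before anything is deleted: tls.cert is unreadable, it has expired, or it does not list the address the client dials. The function names, return codes, look-ahead parameter and sample-certificate helper are assumptions of this example.

```shell
# Added example: check an LND tls.cert for the causes covered on this page.
# Return codes are this example's own: 0 ok, 1 expired/expiring, 2 name not covered, 3 unreadable.
check_lnd_cert() {
    cert=$1          # path to tls.cert
    name=$2          # IP or DNS name the client dials, without the port
    within=${3:-0}   # optional look-ahead in seconds (0 = already expired)

    # A missing or malformed file corresponds to "could not load TLS credentials".
    if ! openssl x509 -in "$cert" -noout >/dev/null 2>&1; then
        echo "cannot parse $cert as a PEM certificate"
        return 3
    fi

    # -checkend N exits non-zero when notAfter falls within the next N seconds.
    if ! openssl x509 -in "$cert" -noout -checkend "$within" >/dev/null 2>&1; then
        echo "expired or expiring within ${within}s: delete tls.cert and tls.key, then restart LND"
        return 1
    fi

    # Choose which check to run: IP literal or DNS name.
    case $name in
        *:*)       flag=-checkip ;;    # IPv6 literal
        *[!0-9.]*) flag=-checkhost ;;  # contains a non-digit, non-dot: DNS name
        *)         flag=-checkip ;;    # dotted IPv4
    esac

    # openssl prints the verdict as text, so match its output, not its exit status.
    if openssl x509 -in "$cert" -noout "$flag" "$name" 2>/dev/null | grep -q 'does match'; then
        echo "ok: $name is covered and the certificate is still valid"
        return 0
    fi
    echo "$name not in certificate: set tlsextraip/tlsextradomain in lnd.conf and regenerate"
    return 2
}

# Constructed sample certificate for trying the check offline; not an LND-generated file.
make_sample_cert() {
    dir=$1; days=$2
    openssl req -x509 -newkey rsa:2048 -nodes -days "$days" -subj "/CN=sample" \
        -addext "subjectAltName=IP:1.2.3.4,DNS:mynode.example.com" \
        -keyout "$dir/tls.key" -out "$dir/tls.cert" >/dev/null 2>&1
}
```

On a client, run it against the copied file with the same address passed to --rpcserver, for example check_lnd_cert ./tls.cert 1.2.3.4.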
