Desktop Modeler - Cannot connect to Zeebe Cluster

vinothkumar · March 18, 2024, 8:34am

Hi Team,
I am running Camunda 8.2 successfully in OpenShift Cluster. When I try to connect my Zeebe-gateway using camunda modeler I am getting “Cannot connect to Zeebe Cluster”.
I understood from blogs that needs to add flag.json and need to provide the pem certificate. But can someone tell me exactly how to do it.

I have the keystore.jks & truststorer.jks in my openshift cluster. How can I point in my desktop modeler and can connect

vinothkumar · March 18, 2024, 5:42pm

Hello @nathan.loding @StephanHaarmann can someone help me on this ?

StephanHaarmann · March 19, 2024, 6:29am

Hello @vinothkumar,

You are correct: If you secure the Zeebe Gateway with TLS, the Desktop Modeler needs the certificate to deploy models. The location of the certificate can be configured via the flags. See the following page in our documentation:

Now, the Desktop Modeler does not support the JKS-format, instead the PEM format could be used. There are various online resources on how to convert a JKS file into a PEM file, see this one for an example.

vinothkumar · March 19, 2024, 10:23am

Yes @StephanHaarmann . Even I tried putting inside the modeler the pem file and tried. Still the issue exist when I try to connect the Zeebe-gateway URL… When I do the ping from git bash its responding fine. Any suggestion

nathan.loding · March 19, 2024, 11:44am

@vinothkumar - ping doesn’t show that port 26500 and HTTP/2 are allowed through to the gateway. Have you tried using another tool, such as zbctl, to connect to the gateway? zbctl can sometimes give more detailed error messages, and can also show whether the issue is with Desktop Modeler or something else.

vinothkumar · March 20, 2024, 10:24am

Thanks for your reply @nathan.loding ,
Quick two questions,

I am using the certificate which is holding both keystore & truststore. Can you please help me to generate pem file.
what is the command to check zbctl to verify my zeebe-gateway is working fine.

vinothkumar · March 20, 2024, 2:59pm

@StephanHaarmann @nathan.loding any help from you ?

vinothkumar · March 20, 2024, 5:28pm

When I try to run the modeler via command prompt, I can able to see the logs as well it is fetching the flags.json file and It’s loaded my pem file as well.

But giving the error saying that,
No connection established. Last error. Una le to get local issuer certificate

@StephanHaarmann @nathan.loding could you please help on this

nathan.loding · March 21, 2024, 8:33pm

@vinothkumar - you can use zbctl like this:

zbctl status --address https://address.of.zeebe:26500 --certPath /path/to/cert.pem

What is the output of that command?

Also a reminder that these forums are community driven and not an official support channel. Your issue sounds a bit pressing; if you need priority support with SLA’s, I can get you in touch with someone to discuss!