Api server init - unable to run local API authenticate watcher

Hi, I have crowdsec set up with HAProxy and it was been working for some time. I’ve just noticed that it is no longer working and this may be due to my having updated everything on my server (ubuntu).
the error I get in crowdsec.log is

time="2025-01-24T09:52:17+01:00" level=fatal msg="api server init: unable to run local API: authenticate watcher ('my api credentials user login'): Post \"https://api.crowdsec.net/v3/watchers/login\": performing jwt auth: dial tcp 18.154.41.67:443: connect: connection refused"

the credentials which appear in the parenthesis are the same as those which appear in /etc/crowdsec/online_api_credentials.yaml

I assume that something has to be updated due to using a more recent version due to my updating the system
or the password I had configured has expired. Ive searched my profile on crowdsec.net but can’t find anywhere to reset the password. I do see the api username mentioned above under security engines, but no reset link.

Anyone know what I need to do?

Have you restricted outgoing connections at all as it failing to connect back to our service.

The username and password in that file is auto generated so you dont need to touch that, it seems it just failing to open a connection to us.

That was the problem. I had a firewall rule which permitted access to amazon-eu-west, but it seems that crowdsec is now connecting to a service based in the US. I changed the rule to permit access to amazon cloudfront and its now working.
I didn’t tie up the firewall logs with the crowdsec logs. I should have guessed.

1 Like