d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
9c37af10c0325987b78f774069e82d668fb970d0
proxmox/docs/archive/fixes/METAMASK_RPC_CHAIN_ID_ERROR_FIX.md
defiQUG 9c37af10c0 Complete optional next steps: fix references and consolidate duplicates 
- Fixed 104 broken references in 59 files
- Consolidated 40+ duplicate status files
- Archived duplicates to reports/archive/duplicates/
- Created scripts for reference fixing and consolidation
- Updated content inconsistency reports

All optional cleanup tasks complete.
2026-01-06 02:25:38 -08:00

7.0 KiB
Raw Blame History

MetaMask "Could not fetch chain ID" Error Fix

Error: "Could not fetch chain ID. Is your RPC URL correct?"

Date: 2025-01-27
Network: ChainID 138 (DeFi Oracle Meta Mainnet)

🔴 Problem

When trying to add or connect to ChainID 138 in MetaMask, you see the error:

"Could not fetch chain ID. Is your RPC URL correct?"

This error occurs when MetaMask cannot communicate with the RPC endpoint.

🔍 Root Cause

The most common cause is that the RPC endpoint is requiring JWT authentication, which MetaMask does not support. MetaMask can only connect to public RPC endpoints that don't require authentication.

Expected Behavior:

  • Public RPC endpoint (https://rpc-http-pub.d-bis.org) should accept requests WITHOUT authentication
  • MetaMask should be able to call eth_chainId without any special headers

Current Issue:

  • The endpoint is returning: "Unauthorized. Missing or invalid JWT token"
  • This indicates the server is incorrectly configured with JWT authentication

Solution: Fix MetaMask Network Configuration

Step 1: Remove Existing Network

  1. Open MetaMask
  2. Click the network dropdown (top center)
  3. Click "Settings" (gear icon) or go to Settings → Networks
  4. Find "Defi Oracle Meta Mainnet" or "SMOM-DBIS-138"
  5. Click "Delete" or "Remove" to remove the network

Step 2: Add Network with Correct RPC URL

  1. Click "Add Network" → "Add a network manually"

  2. Enter these exact values:

    Network Name: Defi Oracle Meta Mainnet
RPC URL: https://rpc-http-pub.d-bis.org
Chain ID: 138
Currency Symbol: ETH
Block Explorer URL: https://explorer.d-bis.org (optional)

  3. Click "Save"

Critical Notes:

  • RPC URL must be https://rpc-http-pub.d-bis.org (the public endpoint)
  • Chain ID must be 138 (decimal, NOT hex 0x8a)
  • Do NOT use https://rpc-core.d-bis.org (deprecated/internal)
  • Do NOT use https://rpc-http-prv.d-bis.org (requires JWT auth)

Step 3: Verify Connection

  1. Switch to the network you just added
  2. Check if your balance loads (should show ETH balance if you have any)
  3. If you still get an error, proceed to the server-side fix below

🔧 Server-Side Fix (For Network Administrators)

If the error persists after updating MetaMask, the server configuration needs to be fixed.

Architecture

The actual routing path is:

Internet → Cloudflare DNS/SSL → Cloudflared Tunnel → Nginx (VMID 2500) → Besu RPC (192.168.11.250:8545)

Endpoints:

  • https://rpc-http-pub.d-bis.org → Routes to http://192.168.11.250:8545
  • wss://rpc-ws-pub.d-bis.org → Routes to ws://192.168.11.250:8546

Issue

The Nginx configuration on VMID 2500 (192.168.11.250) is incorrectly configured with JWT authentication for the public endpoint. It should serve rpc-http-pub.d-bis.org WITHOUT authentication.

Fix Steps

  1. Verify Nginx Configuration on VMID 2500:

    ssh root@192.168.11.10 "pct exec 2500 -- cat /etc/nginx/sites-available/*"
ssh root@192.168.11.10 "pct exec 2500 -- nginx -T | grep -A 20 'rpc-http-pub'"

  2. Check for JWT Authentication:

    • Look for auth_request directives
    • Look for Lua JWT validation scripts
    • Check if rpc-http-pub.d-bis.org is configured with JWT

  3. Remove JWT Authentication from Public Endpoint:

    • The Nginx config for rpc-http-pub.d-bis.org should NOT include JWT validation
    • Remove any auth_request directives for the public endpoint
    • Remove any Lua JWT validation scripts for the public endpoint

  4. Correct Nginx Configuration Should Look Like:

    # Public endpoint - NO authentication
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name rpc-http-pub.d-bis.org;

    # SSL configuration...

    location / {
        proxy_pass http://127.0.0.1:8545;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        # NO JWT authentication here!
    }
}

# Public WebSocket endpoint - NO authentication
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name rpc-ws-pub.d-bis.org;

    # SSL configuration...

    location / {
        proxy_pass http://127.0.0.1:8546;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        # NO JWT authentication here!
    }
}

  5. Test the Endpoint:

    curl -X POST https://rpc-http-pub.d-bis.org \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","method":"eth_chainId","params":[],"id":1}'

    Expected Response:

    {"jsonrpc":"2.0","id":1,"result":"0x8a"}

    If you get JWT error: JWT authentication is still enabled (wrong!)

  6. Restart Nginx:

    ssh root@192.168.11.10 "pct exec 2500 -- nginx -t"
ssh root@192.168.11.10 "pct exec 2500 -- systemctl restart nginx"

  7. Verify Cloudflared Tunnel Routing:

    • Check that Cloudflared tunnel is routing rpc-http-pub.d-bis.org to Nginx on VMID 2500
    • Verify tunnel configuration matches the actual routing path

Verify Configuration

Endpoint Should Require Auth? Status
https://rpc-http-pub.d-bis.org NO Should work without JWT
https://rpc-http-prv.d-bis.org YES Requires JWT (correct)

📋 Troubleshooting Checklist

If the error persists, check:

  • RPC URL is exactly https://rpc-http-pub.d-bis.org (no typos)
  • Chain ID is 138 (decimal, not 0x8a or hex)
  • Network was removed and re-added after changing RPC URL
  • Browser cache cleared and MetaMask reloaded
  • Server endpoint responds to eth_chainId without JWT token
  • Nginx on VMID 2500 is configured without JWT for public endpoint
  • Cloudflared tunnel is routing rpc-http-pub.d-bis.org correctly
  • Request path: Cloudflare → Cloudflared → Nginx (VMID 2500) → Besu RPC (192.168.11.250:8545)

🔗 Related Documentation

📞 Getting Help

If you continue to experience issues:

  1. Test the RPC endpoint using the curl command above
  2. Check MetaMask console for detailed error messages
  3. Verify network settings in MetaMask match the values above
  4. Contact network administrators if the server needs reconfiguration

Last Updated: 2025-01-27
Status: Active issue - requires server configuration fix

Reference in New Issue View Git Blame Copy Permalink