Failed to sync TRUENAS catalog

I have encounter the following error on my TrueNAS SCALE server:

#### Failed to sync TRUENAS catalog: [EFAULT] Failed to clone '' repository at '/var/run/middleware/ix-applications/catalogs/github_com_truenas_charts_git_master' destination: [EFAULT] Failed to clone '' repository at '/var/run/middleware/ix-applications/catalogs/github_com_truenas_charts_git_master' destination: Cloning into '/var/run/middleware/ix-...

2024-05-09 18:15:59 (Europe/London)

I have tried to curl the corresponding resources. It reported the following error:

$ curl ''

curl: (60) SSL certificate problem: unable to get local issuer certificate

More details here:

curl failed to verify the legitimacy of the server and therefore could not

establish a secure connection to it. To learn more about this situation and

how to fix it, please visit the web page mentioned above.

I googled a bit and some mentioned the ntp problem hence I checked the date. It was correct.

$ date
Thu May  9 20:48:51 BST 2024

How do I fix it?

I have identified the problem. It is caused by a misconfigured BIND9 zone file.

1 Like


Hello, Can you share more about the repair process? thanks~

Sure. I have set up an internal BIND9 master server which provides a closed DNS look up for a domain “home.ngs”. A reverse-proxy server is running on a Synology NAS. Hence I have directed wildcard look up (*.home.ngs) to it.

Unfortunately for reasons beyond my comprehension. It seems matched “” or “” on the curl/nslookup/ping commands but dig worked fine.

I have to remove the line domain in /etc/resolv.conf of TrueNAS SCALE 24.04.0 via WebUI in order to fix it as shown below.

domain home.ngs    # removed

The content of BIND9 master record of /etc/bind/zones/db.home.ngs as following:

; BIND data file for home.ngs
$ORIGIN home.ngs.
$TTL    7d  ; Time to live for a week
@   IN  SOA ns.home.ngs. hostmaster.home.ngs. (
            7d )
                IN      NS      ns.home.ngs.
                IN      NS      ns2.home.ngs.
        IN  A
                IN      TXT     "Ng's Home LAN"
; Addresses for the canonical names
@       IN  A
ns      IN  A
ns2     IN  A
ds918plus           IN      A
; Aliases
*               IN      CNAME   ds918plus

Default behavior of dig is not to search domain/search-list.

root@arch:~ # dig A +short truenas
root@arch:~ # dig A +short +search truenas
1 Like

Do you mind telling me how to fix it without losing the default domain? Thanks.

Try adding “.” as an “additional domain”

I thought it wouldn’t add it as a search value, but apparently it does. Lovely. I’m not too sure if it will work though.

EDIT, again (probably about number 4-5 by now):
I’ve just tested it on my end and it works

root@truenas[~]# nslookup truenas

Name:   truenas

root@truenas[~]# nano /etc/resolv.conf
root@truenas[~]# nslookup truenas

Name:   truenas.example.lan
1 Like


I am not familiar with these. How to add a “.” domain? Is it a zone config file on the DNS server?

Btw, the current bind9 settings was working fine. All the clients on the LAN have not problem until I have reinstalled TrueNAS SCALE 24.04.0 and restored the old configurations in order to convert the boot pool into a mirror with a smaller drive added.

In TrueNAS: Network → Global Settings → Additional Domains

1 Like

Thanks a ton.

I have added the additional “.” domain with the “home.ngs” as the domain together. It works well.

But strangely, it also works after I removed the additional “.” domain afterwards. I don’t really know what is going on here. :thinking:

1 Like

May be TrueNAS not properly removing search . from /etc/resolv.conf, not sure. Could also be some form of DNS caching linux does, it’s not something I’ve ever looked in to.

Glad to hear it’s working though :slight_smile:

1 Like