Hi, AAI & OOF experts
I run into errors about certification when 'help deploy/undeploy dev-oof' --purge today.
Although oof pods got Clashloops due to expired certificates, the crt files are not expired.
Would you kindly give me any ideas to fix this issues?
## AAF ##
$ kubectl -n onap logs dev-aaf-sms-57bd794bd5-kfvlj
ERROR: 2020/05/30 06:57:34 vault.go:514: Get Vault Init Status: Get http://aaf-sms-db:8200/v1/sys/init: dial tcp 10.43.248.38:8200: connect: connection refused
INFO: 2020/05/30 06:57:34 vault.go:515: Trying again in 10s...
INFO: 2020/05/30 06:57:44 vault.go:527: Vault is not initialized. Initializing...
WARNING: 2020/05/30 06:57:45 vault.go:389: Unable to find RoleID. Generating...
...
* Vault is sealed
ERROR: 2020/05/30 06:57:45 vault.go:85: InitRole First Attempt: Unable to create policy for approle creation
WARNING: 2020/05/30 06:57:45 auth.go:85: Pemfile has extra data
WARNING: 2020/05/30 07:00:08 vault.go:389: Unable to find RoleID. Generating...
ERROR: 2020/05/30 07:00:08 auth.go:226: Read from file: open auth/role: no such file or directory
2020/06/04 00:38:21 http: TLS handshake error from 10.42.2.4:40246: remote error: tls: expired certificate
2020/06/04 00:38:27 http: TLS handshake error from 10.42.2.4:40282: remote error: tls: expired certificate
2020/06/04 00:38:48 http: TLS handshake error from 10.42.2.4:40378: remote error: tls: expired certificate
## OOF ##
ubuntu@control:~$ kubectl -n onap logs dev-oof-75f4c9758c-p6rfw
Running osdfapp.py
Traceback (most recent call last):
File "/usr/local/lib/python3.5/dist-packages/urllib3/connectionpool.py", line 677, in urlopen
...
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645)
## crt ##
$ openssl x509 -noout -dates -in aaf_root_ca.cer
notBefore=Apr 5 14:15:28 2018 GMT
notAfter=Mar 31 14:15:28 2038 GMT
$ openssl x509 -noout -dates -in org.onap.oof.crt
notBefore=Apr 4 18:43:16 2020 GMT
notAfter=Apr 4 18:43:16 2021 GMT
Yukihiro Kishimoto
