onap-discuss@lists.onap.org | #aaf #oof　AAF error: tls: expired certificate on OOF

Home Messages Hashtags Subgroups

Date Date 1 - 3 of 3

#aaf #oof　AAF error: tls: expired certificate on OOF

#oof　aaf #aaf

yu-kishimoto@kddi.com <yu-kishimoto@...> #21251 Hi, AAI & OOF experts I run into errors about certification when 'help deploy/undeploy dev-oof' --purge today. Although oof pods got Clashloops due to expired certificates, the crt files are not expired. Would you kindly give me any ideas to fix this issues? ## AAF ## $ kubectl -n onap logs dev-aaf-sms-57bd794bd5-kfvlj ERROR: 2020/05/30 06:57:34 vault.go:514: Get Vault Init Status: Get http://aaf-sms-db:8200/v1/sys/init: dial tcp 10.43.248.38:8200: connect: connection refused INFO: 2020/05/30 06:57:34 vault.go:515: Trying again in 10s... INFO: 2020/05/30 06:57:44 vault.go:527: Vault is not initialized. Initializing... WARNING: 2020/05/30 06:57:45 vault.go:389: Unable to find RoleID. Generating... ... * Vault is sealed ERROR: 2020/05/30 06:57:45 vault.go:85: InitRole First Attempt: Unable to create policy for approle creation WARNING: 2020/05/30 06:57:45 auth.go:85: Pemfile has extra data WARNING: 2020/05/30 07:00:08 vault.go:389: Unable to find RoleID. Generating... ERROR: 2020/05/30 07:00:08 auth.go:226: Read from file: open auth/role: no such file or directory 2020/06/04 00:38:21 http: TLS handshake error from 10.42.2.4:40246: remote error: tls: expired certificate 2020/06/04 00:38:27 http: TLS handshake error from 10.42.2.4:40282: remote error: tls: expired certificate 2020/06/04 00:38:48 http: TLS handshake error from 10.42.2.4:40378: remote error: tls: expired certificate ## OOF ## ubuntu@control:~$ kubectl -n onap logs dev-oof-75f4c9758c-p6rfw Running osdfapp.py Traceback (most recent call last): File "/usr/local/lib/python3.5/dist-packages/urllib3/connectionpool.py", line 677, in urlopen ... self._sslobj.do_handshake() ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:645) ## crt ## $ openssl x509 -noout -dates -in aaf_root_ca.cer notBefore=Apr 5 14:15:28 2018 GMT notAfter=Mar 31 14:15:28 2038 GMT $ openssl x509 -noout -dates -in org.onap.oof.crt notBefore=Apr 4 18:43:16 2020 GMT notAfter=Apr 4 18:43:16 2021 GMT Yukihiro Kishimoto
More All Messages By This Member
Aniello Paolo Malinconico #21252 Hi All, I have the same issue on Frankfurt release downloaded yesterday (03-06-2020) from gerrit. Can anyone help us to troubleshoot this issue? Thanks, Aniello Paolo Malinconico
More All Messages By This Member
Morgan Richomme <morgan.richomme@...> #21254 Hi I created a Jira https://jira.onap.org/browse/AAF-1159 Issue reproduced on the daily Frankfurt CI chain https://gating-results.onap.eu/results/onap_daily_pod4_frankfurt-580677273-06-04-2020_08-06/ (was OK yesterday: https://gating-results.onap.eu/results/onap_daily_pod4_frankfurt-578289627-06-03-2020_02-06/ ) as AAF-SMS certificate expired => it prevents OOF to start properly it explains the failure in the healthcheck tests (regression from 100% OK (RC2 criteria) to 50 %. unfortunately no smoke use case are dealing with OOF, that is why all the smoke tests are OK. but some Frankfurt use cases will not work anymore. it is a blocker for RC2 /Morgan De : onap-discuss@... [onap-discuss@...] de la part de Aniello Paolo Malinconico via lists.onap.org [aniellopaolo.malinconico=guest.telecomitalia.it@...] Envoyé : jeudi 4 juin 2020 09:55 À : yu-kishimoto@; onap-discuss@... Objet : Re: [onap-discuss] #aaf #oof　AAF error: tls: expired certificate on OOF Hi All, I have the same issue on Frankfurt release downloaded yesterday (03-06-2020) from gerrit. Can anyone help us to troubleshoot this issue? Thanks, Aniello Paolo Malinconico _________________________________________________________________________________________________________________________ Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration, Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci. This message and its attachments may contain confidential or privileged information that may be protected by law; they should not be distributed, used or copied without authorisation. If you have received this email in error, please notify the sender and delete this message and its attachments. As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified. Thank you.
More All Messages By This Member

1 - 3 of 3

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms