We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug
When trying to upgrade from 4.04 to devel or 4.05, with Let's Encrypt on.
`TASK [tomcat : Create Keystore] ************************************************************************************************************************************************************** fatal: [vesgint-idx.ipsl.upmc.fr]: FAILED! => { "changed": false, "cmd": "/usr/bin/openssl pkcs12 -export -name my_esgf_node -in /tmp/my_esgf_node.crt -inkey /tmp/my_esgf_node.key -out /tmp/keystore.p12 -passout '********'", "rc": 1 }
STDERR:
No certificate matches private key
MSG:
fatal: [vesgint-data.ipsl.upmc.fr]: FAILED! => { "changed": false, "cmd": "/usr/bin/openssl pkcs12 -export -name my_esgf_node -in /tmp/my_esgf_node.crt -inkey /tmp/my_esgf_node.key -out /tmp/keystore.p12 -passout '********'", "rc": 1 }
No certificate matches private key`
Full log: 6_upgrade_int_to_devel_lets.log
To Reproduce
ansible-playbook -i hosts.int -u root install.yml
idx&idp config:
`ansible_user: root
globushostcert: /root/certs/local_certs/hostcert.pem globushostkey: /root/certs/local_certs/hostkey.pem
myproxycacert: /root/certs/local_certs/cacert.pem myproxycakey: /root/certs/local_certs/cakey.pem myproxy_signing_policy: /root/certs/local_certs/globus_simple_ca_47671b99_setup-0/47671b99.signing_policy
try_letsencrypt: true
globus_user: [NOT SHOWN] globus_pass: [NOT SHOWN] register_gridftp: false register_myproxy: false
configure_centos6_iptables: false configure_centos7_firewalld: false
mirror_host: distrib-coffee.ipsl.jussieu.fr/pub`
data config:
Expected behavior
Installation to complete and working Let's Encrypt certificats and idx and data nodes.
ESGF Node (please complete the following information):
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Describe the bug
When trying to upgrade from 4.04 to devel or 4.05, with Let's Encrypt on.
`TASK [tomcat : Create Keystore] **************************************************************************************************************************************************************
fatal: [vesgint-idx.ipsl.upmc.fr]: FAILED! => {
"changed": false,
"cmd": "/usr/bin/openssl pkcs12 -export -name my_esgf_node -in /tmp/my_esgf_node.crt -inkey /tmp/my_esgf_node.key -out /tmp/keystore.p12 -passout '********'",
"rc": 1
}
STDERR:
No certificate matches private key
MSG:
No certificate matches private key
fatal: [vesgint-data.ipsl.upmc.fr]: FAILED! => {
"changed": false,
"cmd": "/usr/bin/openssl pkcs12 -export -name my_esgf_node -in /tmp/my_esgf_node.crt -inkey /tmp/my_esgf_node.key -out /tmp/keystore.p12 -passout '********'",
"rc": 1
}
STDERR:
No certificate matches private key
MSG:
No certificate matches private key`
Full log: 6_upgrade_int_to_devel_lets.log
To Reproduce
ansible-playbook -i hosts.int -u root install.yml
idx&idp config:
`ansible_user: root
globushostcert: /root/certs/local_certs/hostcert.pem
globushostkey: /root/certs/local_certs/hostkey.pem
myproxycacert: /root/certs/local_certs/cacert.pem
myproxycakey: /root/certs/local_certs/cakey.pem
myproxy_signing_policy: /root/certs/local_certs/globus_simple_ca_47671b99_setup-0/47671b99.signing_policy
try_letsencrypt: true
globus_user: [NOT SHOWN]
globus_pass: [NOT SHOWN]
register_gridftp: false
register_myproxy: false
configure_centos6_iptables: false
configure_centos7_firewalld: false
mirror_host: distrib-coffee.ipsl.jussieu.fr/pub`
data config:
`ansible_user: root
globushostcert: /root/certs/local_certs/hostcert.pem
globushostkey: /root/certs/local_certs/hostkey.pem
try_letsencrypt: true
globus_user: [NOT SHOWN]
globus_pass: [NOT SHOWN]
register_gridftp: false
register_myproxy: false
configure_centos6_iptables: false
configure_centos7_firewalld: false
mirror_host: distrib-coffee.ipsl.jussieu.fr/pub`
Expected behavior
Installation to complete and working Let's Encrypt certificats and idx and data nodes.
ESGF Node (please complete the following information):
The text was updated successfully, but these errors were encountered: