Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error validating the SSL configuration: Invalid server certificate #317

Closed
nbari opened this issue Mar 29, 2022 · 2 comments
Closed

Error validating the SSL configuration: Invalid server certificate #317

nbari opened this issue Mar 29, 2022 · 2 comments

Comments

@nbari
Copy link

nbari commented Mar 29, 2022

I am trying to install codedeploy-agent on-premises, the VM is using:

No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.4 LTS
Release:        20.04
Codename:       focal

this is the installation flow starting with ruby:

apt install ruby-full

Get the installer:

wget https://aws-codedeploy-us-east-2.s3.amazonaws.com/latest/install

chmod +x ./install

Install the desired version, latest since writing this:

Latest available:

 ./install auto -v latest/codedeploy-agent_all.deb

or with

 ./install auto -v releases/codedeploy-agent_1.3.2-1902_all.deb

The configuration file /etc/codedeploy-agent/conf/codedeploy.onpremises.yml:

---
aws_access_key_id: ACCESS_KEY
aws_secret_access_key: SECRET_KEY
iam_user_arn: arn:aws:iam::023333984930:user/CodeDeployUser-test
region: us-east-2

But in the logs I get:

Error validating the SSL configuration: Invalid server certificate...

Here the full log:

2022-03-29 12:31:27 INFO  [codedeploy-agent(12368)]: master 12368: Spawned child 1/1
2022-03-29 12:31:27 INFO  [codedeploy-agent(12527)]: IMDSv2 http request failed, falling back to IMDSv1.
2022-03-29 12:31:27 INFO  [codedeploy-agent(12527)]: IMDSv2 http request failed, falling back to IMDSv1.
2022-03-29 12:31:27 INFO  [codedeploy-agent(12527)]: CodeDeploy endpoint: https://codedeploy-commands..
2022-03-29 12:31:28 INFO  [codedeploy-agent(12527)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandExecutor: Archives to retain is: 5}
2022-03-29 12:31:28 INFO  [codedeploy-agent(12527)]: IMDSv2 http request failed, falling back to IMDSv1.
2022-03-29 12:31:28 INFO  [codedeploy-agent(12527)]: IMDSv2 http request failed, falling back to IMDSv1.
2022-03-29 12:31:28 INFO  [codedeploy-agent(12527)]: CodeDeploy endpoint: https://codedeploy-commands..
2022-03-29 12:31:28 INFO  [codedeploy-agent(12527)]: IMDSv2 http request failed, falling back to IMDSv1.
2022-03-29 12:31:28 INFO  [codedeploy-agent(12527)]: IMDSv2 http request failed, falling back to IMDSv1.
2022-03-29 12:31:28 INFO  [codedeploy-agent(12527)]: CodeDeploy endpoint: https://codedeploy-commands..
2022-03-29 12:31:28 ERROR [codedeploy-agent(12527)]: InstanceAgent::Plugins::CodeDeployPlugin::CodeDeployControl: Error during certificate verification on codedeploy endpoint https://codedeploy-commands..
2022-03-29 12:31:28 ERROR [codedeploy-agent(12527)]: Error validating the SSL configuration: Invalid server certificate
2022-03-29 12:31:28 ERROR [codedeploy-agent(12527)]: booting child: error during start or run: SystemExit - Stopping CodeDeploy agent due to SSL validation error. - /opt/codedeploy-agent/lib/instance_agent/plugins/codedeploy/command_poller.rb:65:in `abort'
/opt/codedeploy-agent/lib/instance_agent/plugins/codedeploy/command_poller.rb:65:in `validate'
/opt/codedeploy-agent/lib/instance_agent/agent/base.rb:11:in `runner'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:32:in `block in prepare_run'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:78:in `with_error_handling'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:31:in `prepare_run'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:64:in `block in prepare_run_with_error_handling'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:78:in `with_error_handling'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:63:in `prepare_run_with_error_handling'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:20:in `start'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:206:in `block in spawn_child'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:204:in `fork'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:204:in `spawn_child'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:283:in `block (2 levels) in replace_terminated_children'
/var/lib/gems/2.7.0/gems/logging-1.8.2/lib/logging/diagnostic_context.rb:323:in `block in create_with_logging_context'
2022-03-29 12:31:28 ERROR [codedeploy-agent(12527)]: booting child: error during start or run: SystemExit - exit - /opt/codedeploy-agent/lib/instance_agent/runner/child.rb:90:in `exit'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:90:in `rescue in with_error_handling'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:77:in `with_error_handling'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:31:in `prepare_run'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:64:in `block in prepare_run_with_error_handling'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:78:in `with_error_handling'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:63:in `prepare_run_with_error_handling'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:20:in `start'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:206:in `block in spawn_child'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:204:in `fork'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:204:in `spawn_child'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:283:in `block (2 levels) in replace_terminated_children'
/var/lib/gems/2.7.0/gems/logging-1.8.2/lib/logging/diagnostic_context.rb:323:in `block in create_with_logging_context'
2022-03-29 12:31:28 INFO  [codedeploy-agent(12368)]: master 12368: Received CHLD - cleaning dead child process
2022-03-29 12:31:28 INFO  [codedeploy-agent(12368)]: master 12368: been told to replace child 12527
2022-03-29 12:31:28 INFO  [codedeploy-agent(12368)]: master 12368: not enough child processes running - missing at least 1 - respawning

Any ideas of what could it be wrong?
@nbari
Copy link
Author

nbari commented Mar 29, 2022

I had to block requests to the metadata endpoint from the existing provider:

iptables -A OUTPUT -d 169.254.169.254 -j REJECT

@nbari nbari closed this as completed Mar 29, 2022
@JDarzan
Copy link

JDarzan commented May 8, 2023

Thanks Brow!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nbari @JDarzan