Project

General

Profile

Actions
Copy link

Bug #52085

closed

crypt: can't load client cert from /home/ubuntu/cephtest/ca/kmip-client.crt

Added by Casey Bodley over 2 years ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Urgent
Assignee:
Ali Maredia
Target version:
-
% Done:

100%

Source:
Tags:
sse kmip
Backport:
pacific
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
44694
Crash signature (v1):
Crash signature (v2):

Description

http://qa-proxy.ceph.com/teuthology/cbodley-2021-08-05_21:22:17-rgw:crypt-wip-cbodley-testing-distro-basic-gibba/6316354/teuthology.log

2021-08-05T22:01:50.380 INFO:tasks.rgw.client.0.gibba011.stdout:2021-08-05T22:01:50.377+0000 7f3c01353700 -1 ERROR: can't load client cert from /home/ubuntu/cephtest/ca/kmip-client.crt
2021-08-05T22:01:50.381 INFO:tasks.rgw.client.0.gibba011.stdout:2021-08-05T22:01:50.377+0000 7f3c01353700 -1 139895695030016:error:0200100D:system library:fopen:Permission denied:crypto/bio/bss_file.c:288:fopen('/home/ubuntu/cephtest/ca/kmip-client.crt','r')
2021-08-05T22:01:50.381 INFO:tasks.rgw.client.0.gibba011.stdout:
2021-08-05T22:01:50.381 INFO:tasks.rgw.client.0.gibba011.stdout:2021-08-05T22:01:50.377+0000 7f3c01353700 -1 139895695030016:error:20074002:BIO routines:file_ctrl:system lib:crypto/bio/bss_file.c:290:
2021-08-05T22:01:50.382 INFO:tasks.rgw.client.0.gibba011.stdout:
2021-08-05T22:01:50.382 INFO:tasks.rgw.client.0.gibba011.stdout:2021-08-05T22:01:50.378+0000 7f3c01353700 -1 139895695030016:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib:ssl/ssl_rsa.c:390:
2021-08-05T22:01:50.382 INFO:tasks.rgw.client.0.gibba011.stdout:
2021-08-05T22:02:50.442 INFO:teuthology.orchestra.run.gibba011.stderr:s3tests_boto3.functional.test_s3.test_sse_kms_method_head ... ERROR

Related issues 2 (0 open2 closed)

Copied to rgw - Backport #54035: pacific: crypt: can't load client cert from /home/ubuntu/cephtest/ca/kmip-client.crtResolvedCory SnyderActions
Copied to rgw - Backport #54036: octopus: crypt: can't load client cert from /home/ubuntu/cephtest/ca/kmip-client.crtRejectedCory SnyderActions
Actions
Copy link
 #1

Updated by Casey Bodley over 2 years ago

listing permissions under /home/ubuntu/cephtest and /home/ubuntu/cephtest/ca:

2021-08-06T17:12:54.105 DEBUG:teuthology.orchestra.run.gibba005:> sudo TESTDIR=/home/ubuntu/cephtest bash -c 'ls -lA /home/ubuntu/cephtest/ca'
2021-08-06T17:12:54.164 INFO:teuthology.orchestra.run.gibba005.stdout:total 24
2021-08-06T17:12:54.164 INFO:teuthology.orchestra.run.gibba005.stdout:-rw-rw-r--. 1 ubuntu ubuntu 1338 Aug  6 17:12 kmip-client.crt
2021-08-06T17:12:54.164 INFO:teuthology.orchestra.run.gibba005.stdout:-rw-r--r--. 1 ubuntu ubuntu 1704 Aug  6 17:12 kmip-client.key
2021-08-06T17:12:54.165 INFO:teuthology.orchestra.run.gibba005.stdout:-rw-rw-r--. 1 ubuntu ubuntu 1805 Aug  6 17:12 kmiproot.crt
2021-08-06T17:12:54.165 INFO:teuthology.orchestra.run.gibba005.stdout:-rw-------. 1 ubuntu ubuntu 3272 Aug  6 17:12 kmiproot.key
2021-08-06T17:12:54.165 INFO:teuthology.orchestra.run.gibba005.stdout:-rw-rw-r--. 1 ubuntu ubuntu 1440 Aug  6 17:12 kmip-server.crt
2021-08-06T17:12:54.165 INFO:teuthology.orchestra.run.gibba005.stdout:-rw-------. 1 ubuntu ubuntu 1704 Aug  6 17:12 kmip-server.key
2021-08-06T17:12:54.166 DEBUG:teuthology.orchestra.run.gibba005:> sudo TESTDIR=/home/ubuntu/cephtest bash -c 'ls -lA /home/ubuntu/cephtest'
2021-08-06T17:12:54.225 INFO:teuthology.orchestra.run.gibba005.stdout:total 28
2021-08-06T17:12:54.226 INFO:teuthology.orchestra.run.gibba005.stdout:drwxr-xr-x. 4 ubuntu ubuntu  4096 Aug  6 17:00 archive
2021-08-06T17:12:54.226 INFO:teuthology.orchestra.run.gibba005.stdout:drwxrwxr-x. 2 ubuntu ubuntu  4096 Aug  6 17:12 ca
2021-08-06T17:12:54.226 INFO:teuthology.orchestra.run.gibba005.stdout:drwxr-xr-x. 2 ubuntu ubuntu  4096 Aug  6 17:12 ceph.data
2021-08-06T17:12:54.226 INFO:teuthology.orchestra.run.gibba005.stdout:-rw-r--r--. 1 root   root   12892 Aug  6 17:12 valgrind.supp

from http://qa-proxy.ceph.com/teuthology/cbodley-2021-08-06_16:55:12-rgw:crypt-wip-cbodley-testing-distro-basic-gibba/6324921/teuthology.log

Actions
Copy link
 #2

Updated by Daniel Gryniewicz over 2 years ago

  • Status changed from New to In Progress
  • Assignee set to Marcus Watts
Actions
Copy link
 #3

Updated by Ali Maredia over 2 years ago

  • Assignee changed from Marcus Watts to Ali Maredia
Actions
Copy link
 #4

Updated by Ali Maredia about 2 years ago

  • Pull request ID set to 44694
Actions
Copy link
 #5

Updated by Casey Bodley about 2 years ago

  • Status changed from In Progress to Pending Backport
  • Backport set to octopus pacific
Actions
Copy link
 #6

Updated by Backport Bot about 2 years ago

  • Copied to Backport #54035: pacific: crypt: can't load client cert from /home/ubuntu/cephtest/ca/kmip-client.crt added
Actions
Copy link
 #7

Updated by Backport Bot about 2 years ago

  • Copied to Backport #54036: octopus: crypt: can't load client cert from /home/ubuntu/cephtest/ca/kmip-client.crt added
Actions
Copy link
 #8

Updated by Casey Bodley almost 2 years ago

  • Backport changed from octopus pacific to pacific
Actions
Copy link
 #9

Updated by Backport Bot over 1 year ago

  • Tags changed from sse kmip to sse kmip backport_processed
Actions
Copy link
 #10

Updated by Konstantin Shalygin over 1 year ago

  • Status changed from Pending Backport to Resolved
  • % Done changed from 0 to 100
  • Tags changed from sse kmip backport_processed to sse kmip
Actions
Copy link

Also available in: Atom PDF