Skip to content
This repository has been archived by the owner on Jan 20, 2023. It is now read-only.

2 directories not created during install #38

Open
1 of 3 tasks
oddboy opened this issue Dec 28, 2018 · 0 comments
Open
1 of 3 tasks

2 directories not created during install #38

oddboy opened this issue Dec 28, 2018 · 0 comments

Comments

@oddboy
Copy link

oddboy commented Dec 28, 2018
edited
Loading

Describe the bug
Upon installing lightwave (from photon-updates repo, on photonOS 2), the log contains errors:

Dec 28 04:09:17 dc01 vmafdd[4017]: t@140141993535232: VecsSrvFlushRootCertificate Failed to flush trusted root to download directory, 2 Dec 28 03:46:10 dc01 vmafdd[4017]: t@140142001927936: ERROR! [VmAfdIpcTriggerRootCertsRefresh] is returning [2] Dec 28 03:46:10 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushMachineSslCertificate returning 2 Dec 28 03:46:10 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushCrl Failed to flush CRL to download directory, 2 Dec 28 03:46:10 dc01 vmafdd[4017]: t@140142001927936: [Error - 4312, ../../../../vmafd/server/vmafd/rootfetch.c:684] Dec 28 03:46:10 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushCrl Failed to flush CRL to download directory, 2 Dec 28 03:46:10 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushRootCertificate Failed to flush trusted root to download directory, 2

There are other errors pretaining to Root certificates, such as:

Dec 28 04:11:31 dc01 vmafdd[4017]: t@140142001927936: ERROR! [VmAfdIpcTriggerRootCertsRefresh] is returning [2] Dec 28 04:11:31 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushMachineSslCertificate returning 2 Dec 28 04:11:31 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushCrl Failed to flush CRL to download directory, 2 Dec 28 04:11:31 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushCrl Failed to flush CRL to download directory, 2 Dec 28 04:11:31 dc01 vmafdd[4017]: t@140142001927936: VecsSrvFlushRootCertificate Failed to flush trusted root to download directory, 2

and

Dec 27 07:33:31 dc01 vmafdd[30440]: t@140631775106816: ERROR! [VmAfdIpcTriggerRootCertsRefresh] is returning [2] Dec 27 07:33:31 dc01 vmafdd[30440]: t@140631775106816: VecsSrvFlushMachineSslCertificate returning 2 Dec 27 07:33:31 dc01 vmafdd[30440]: t@140631775106816: VecsSrvFlushCrl Failed to flush CRL to download directory, 2 Dec 27 07:33:31 dc01 vmafdd[30440]: t@140631775106816: VecsSrvFlushCrl Failed to flush CRL to download directory, 2 Dec 27 07:33:31 dc01 vmafdd[30440]: t@140631775106816: VecsSrvFlushRootCertificate Failed to flush trusted root to download directory, 2

My interpretation of these errors is that the CRL, Root certs and Machine cert can't be saved to disk.

This can be reproduced at will by running:

vecs-cli force-refresh --server dc01 --upn Administrator

Impact

  • Low - Not really in your way but annoyance -- not sure
  • Medium - Can be worked around
  • High - Blocker

Expected behavior
I would expect that the CRL could be flushed to disk.

Observed behavior
CRL is not flushed to disk.

To Reproduce
Steps to reproduce the behavior:

  1. tail the log file (journalctl -f)
  2. execute: `vecs-cli force-refresh --server --upn
  3. See error

Environment:

  • OS: VMware Photon OS 2.0, PHOTON_BUILD_NUMBER=0922243
  • Lightwave Version: 1.3.1.7-1.ph2
  • Likewise version: 6.2.11.4-4.ph2

Additional context
I have been able to eliminate the error by manually creating the following directories:

/etc/vmware-vpx/docRoot/certs
^ this one eliminates the errors about CRL and Root Certs

/etc/vmware/vmware-vmafd
^ this one eliminates the errors about machine-ssl.crt

There remains one error. I don't know if it's related or not.

vmafdd[24656]: t@140186877519616: [Error - 4312, ../../../../vmafd/server/vmafd/rootfetch.c:684]
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@oddboy