[3.5] \\\"crypto/rsa: verification error\\\" while trying to verify candidate authority certificate \\\"maas-ca\\\")\""
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MAAS |
Fix Committed
|
Critical
|
Jacopo Rota | ||
3.5 |
Fix Released
|
Critical
|
Jacopo Rota |
Bug Description
Hello
When setting up MAAS on a split rackd/region design rackd is crashing with the error:
Aug 13 13:36:55 HOSTNAME maas-agent[712774]: ERR Temporal client error error="failed reaching server: last connection error: connection error: desc = \"transport: authentication handshake failed: tls: failed to verify certificate: x509: certificate signed by unknown authority (possibly because of \\\"crypto/rsa: verification error\\\" while trying to verify candidate authority certificate \\\"maas-ca\\\")\""
Aug 13 13:36:55 HOSTNAME maas.pebble[
Aug 13 13:36:55 HOSTNAME maas.pebble[
Aug 13 13:36:56 HOSTNAME maas.pebble[
The issue is presistent across deployments. Steps to reproduce:
1. Deploy MAAS in HA: 3 rack controllers, 2 rackds
2. Enable TLS on the three region controllers
3. join the racks to the region
4. Enable dhcp on the rackd network
5. Attempt to PXE boot anothter machine -
[Expected result]
Checking journalctl with sudo the above error should be observed with maas agent crashing
[workaround]:
rm /var/snap/
sudo snap restart maas
Thanks,
Peter
Related branches
- Jacopo Rota: Approve
- MAAS Lander: Approve
-
Diff: 151 lines (+67/-16)2 files modifiedsrc/maasserver/start_up.py (+16/-9)
src/maasserver/tests/test_start_up.py (+51/-7)
- Björn Tillenius: Approve
- MAAS Lander: Approve
-
Diff: 154 lines (+70/-16)2 files modifiedsrc/maasserver/start_up.py (+16/-9)
src/maasserver/tests/test_start_up.py (+54/-7)
Changed in maas: | |
status: | New → Triaged |
importance: | Undecided → Critical |
milestone: | none → 3.6.0 |
Changed in maas: | |
assignee: | nobody → Anton Troyanov (troyanov) |
status: | Triaged → In Progress |
Changed in maas: | |
status: | Incomplete → Invalid |
Changed in maas: | |
assignee: | nobody → Jacopo Rota (r00ta) |
Changed in maas: | |
status: | In Progress → Fix Committed |
subscribing field critical as this is blocking a handover, and affecting multiple projects.