Re: Failed to add certificate with errorcode 400


qq
 

vault-kong.sh file line 103 , "sk" should be "key",now is OK!

"404")
echo ">> (6) Create the Kong JSON with TLS certificate and private key (base64 encoded)"
jq -n --arg cert "$(cat ${_KONG_PEM}|base64)" 
--arg sk "$(cat ${_KONG_SK}|base64)" 
'{cert:$cert,sk:$sk}' > ${_PAYLOAD_KONG}



15599633@...

 
Date: 2018-09-01 11:25
Subject: Failed to add certificate with errorcode 400
Method 1. Run the Security Service with Docker-compose file. Make sure other EdgeX services start as usual (especially volume), then
```
cd Docker
docker-compose up -d vault
docker-compose up -d vault-worker
docker-compose up -d kong-db
docker-compose up -d kong-migrations
docker-compose up -d kong
docker-compose up -d edgex-proxy
```

edgex-proxy log:

edgex-proxy        | emp2WnBWeFFiVVRQZlFZbkNIY1p1ZS9oSmRsMmVHbUpjWUxFYWhtVwpHWEZHQmRJOEN4YjkzUW1p
edgex-proxy        | K1UxRGJzQWdudnF5ZUxxWXlja3BlZkw1UmRkSUpXMUMyMFM2dXp3MTUyeVY4VWRhCktJazlYL2lv
edgex-proxy        | UkJBSTRHbGpHWFRqeDN4N3ZDTDEyeVkvU0FlcWtWY0Y2VTlqVWgyUnRKQ2RnZzM1WlZpaTFocmMK
edgex-proxy        | UENkeWozVUY4SU01QUFUb1JNNGYyWERtZjJZTEVYRE9GMkREWkFIbXRGaW9TZ0x6ZEFaS2JobFMx
edgex-proxy        | U2ZBdVZBegpkM3lIVUZKa2FPUW4vWXphYUZKUFRhZGVhRW91NWNLOTZzeFVHS2E5eXV1UEtCeFkr
edgex-proxy        | bklTVzZCblcxYjhhdGVsCmdCQWlvWi9nbHVSRWtySDBtNXhkaEo0My92blZzSC9TNFBxQjhWL3po
edgex-proxy        | d0FmSTgrcDZjbWp2YlNaQ1IvK2RscnUKcExObHd4cE5uUitGQWpHSkJTRGdCQ3hPQzE4Q1dDWmV5
edgex-proxy        | ZXArY3hLOVU4dkJFb2JnTXk4NFVVaWxteTBmY1lsMwpxSU9ZQWFzNkowczhZc0J6MEtaSXlORU5a
edgex-proxy        | UzAwNXFVb09tRnF6TkZpV0U3Rm4zWVV2K0tScFo4MWdLRmtqbkJsCnVBeE9LMUk9Ci0tLS0tRU5E
edgex-proxy        | IENFUlRJRklDQVRFLS0tLS0K
edgex-proxy        | INFO: 2018/09/01 02:44:11 successful on retrieving certificate from v1/secret/edgex/pki/tls/edgex-kong.
edgex-proxy        | INFO: 2018/09/01 02:44:11 Trying to upload cert to proxy server.
edgex-proxy        | ERROR: 2018/09/01 02:44:11 Failed to add certificate with errorcode 400.
edgex-proxy        | INFO: 2018/09/01 02:44:11 Finishing initialization for reverse proxy


kong:

kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/ HTTP/1.1" 409 159 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/exportclient/plugins/ HTTP/1.1" 409 54 "-" "Go-http-client/1.1"
kong               | 2018/09/01 02:44:11 [notice] 52#0: *3534 [lua] init.lua:391: insert(): ERROR: duplicate key value violates unique constraint "services_name_key"
kong               | Key (name)=(virtualdevice) already exists., client: 172.29.0.9, server: kong_admin, request: "POST /services/ HTTP/1.1", host: "kong:8001"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/ HTTP/1.1" 409 161 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/virtualdevice/plugins/ HTTP/1.1" 409 54 "-" "Go-http-client/1.1"
kong               | 2018/09/01 02:44:11 [notice] 52#0: *3536 [lua] init.lua:391: insert(): ERROR: duplicate key value violates unique constraint "services_name_key"
kong               | Key (name)=(coredata) already exists., client: 172.29.0.9, server: kong_admin, request: "POST /services/ HTTP/1.1", host: "kong:8001"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/ HTTP/1.1" 409 151 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/coredata/plugins/ HTTP/1.1" 409 54 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/metadata/routes/ HTTP/1.1" 201 306 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/exportclient/routes/ HTTP/1.1" 201 310 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/virtualdevice/routes/ HTTP/1.1" 201 311 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/coredata/routes/ HTTP/1.1" 201 306 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/exportdistro/routes/ HTTP/1.1" 201 310 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/rulesengine/routes/ HTTP/1.1" 201 309 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/command/routes/ HTTP/1.1" 201 305 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/notifications/routes/ HTTP/1.1" 201 311 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/supportlogging/routes/ HTTP/1.1" 201 312 "-" "Go-http-client/1.1"
kong               | 2018/09/01 02:44:11 [notice] 52#0: *3547 [lua] init.lua:391: insert(): ERROR: duplicate key value violates unique constraint "services_name_key"
kong               | Key (name)=(admin) already exists., client: 172.29.0.9, server: kong_admin, request: "POST /services/ HTTP/1.1", host: "kong:8001"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/ HTTP/1.1" 409 145 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/admin/routes HTTP/1.1" 201 298 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /services/admin/plugins HTTP/1.1" 409 54 "-" "Go-http-client/1.1"
kong               | 172.29.0.9 - - [01/Sep/2018:02:44:11 +0000] "POST /certificates/ HTTP/1.1" 400 37 "-" "Go-http-client/1.1"


15599633@...

Join EdgeX-TSC-Security@lists.edgexfoundry.org to automatically receive all group messages.