#6725 Missing fedmsg certificate for hubs01.stg
Closed: Fixed 4 years ago Opened 4 years ago by abompard.

When the newly installed Hubs machine (hubs01.stg) tries to send a fedmsg, I get a traceback that ends in:

return __local.__context.publish(topic, msg, **kw)
  File "/usr/lib/python3.6/site-packages/fedmsg/core.py", line 307, in publish
    self.c['certname'] = self.c['certnames'][cert_index]
KeyError: 'shell.hubs01'

I think I'm missing the certificate to sign the outgoing fedmsgs. The /etc/pki/fedmsg directory only contains ca.crt. I think the procedure to generate the cert is in this SOP but I don't have access to the private ansible repo, so I can't do it.

Could someone generate those certs for me please? Thanks.


I have made a shell-hubs01.stg.phx2.fedoraproject.org fedmsg cert.

I think you need to declare what you can send in ansible inventory/group_vars/hubs-stg tho
Something like:

These are consumed by a task in roles/fedmsg/base/main.yml

fedmsg_certs:
- service: shell
owner: root
group: root
can_send:
- logger.log

Let me know if you need anything further.

Metadata Update from @kevin:
- Issue close_status updated to: Fixed
- Issue status updated to: Closed (was: Open)

4 years ago

Login to comment on this ticket.

Metadata