Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Fixed
-
7.1.0
-
Windows CB EE 7.1.0-1676
-
1
-
Yes
-
CX Sprint 270
Description
In MB-49471, we see a crash /node/controller/reloadCertificate request is made.
It looks something like this in error.log
[ns_server:error,2021-11-10T04:12:57.419-08:00,ns_1@172.23.136.106:<0.17653.0>:menelaus_util:reply_server_error:210]Server error during processing: ["web request failed", {path,"/node/controller/reloadCertificate"}, {method,'POST'}, {type,exit}, {what, {{{badmatch,{error,eacces}}, [{ns_ssl_services_setup, save_node_certs_phase2,0, [{file,"src/ns_ssl_services_setup.erl"}, {line,740}]}, {ns_ssl_services_setup,save_node_certs,
|
Basically ns-server seems to be crashing with "eaces" when certs are getting written to 'certs" folder in config. We need to investigate the cause for this. Essentially otherwise uploading x509 certs on windows in 7.1 will get blocked.
Attachments
Issue Links
- is cloned by
-
MB-51676 [BP 7.0.4][Windows] To investigate the crash in MB-49471
-
- Closed
-
Copying Timofey Barmin's comment from MB-49471 for context here:
"It crashes when it tries to save file chain.pem in config/certs dir (it first saves the file to chain.pem.tmp and then renames it to chain.pem).
The error 'eacces' means "Missing read or write permissions for the parent directories of Source or Destination. On some platforms, this error is given if either Source or Destination is open."
That's a bit weird because right before writing cert we write another file in the same dir, and that works well. The only reason I can think of is if the destination file (chain.pem) is open at the moment when we are trying to rename chain.pem.tmp to chain.pem"