Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Version 1 Next »

2023-04-12

Reported: 2023-04-12 09:12:00 EST

Resolved: 2023-04-12 14:53:00 EST

Writeup

Users were having issues connecting to the Denodo dev server. It was discovered that the certs, which were deployed in 2022-01-09, had expired. New certs were copied onto the Denodo servers by certbot, which would expire on 2022-06-09, but had not been deployed since automation had not yet been finalized. The new certs were deployed using the automation scripts that had been developed and the SSL connectivity issues were resolved.

Noticing that the certs were out of date on solution manager as well, the same process was followed there, but it became apparent that the web container for the web apps was no longer running both on solution manager and dev.

This led to the discovery that the SSL password file that the web container (Apache Tomcat) uses requires specific permissions, which were being violated by a step in the certification deployment automation that gave read/write access to the denod user group.

The link below provides details:

https://community.denodo.com/docs/html/browse/6.0/platform/installation/postinstallation_tasks/enable_ssl_connections_in_the_denodo_platform_servers/enabling_https_in_the_embedded_apache_tomcat

The certificate scripts were updated to ensure the appropriate permissions were set, and the deployment process was re-run on the solution manager and dev servers, after which the web apps were available again.

  • No labels