Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

certadd endpoint not working #829

Open
johanneslanger opened this issue Nov 29, 2017 · 5 comments
Open

certadd endpoint not working #829

johanneslanger opened this issue Nov 29, 2017 · 5 comments

Comments

@johanneslanger
Copy link
Contributor

johanneslanger commented Nov 29, 2017
edited
Loading

When posting against the endpoint /api/v1/cfssl/certadd I get a 404, example

curl -d '{ "serial": "568433120340650732114301233628109166578730740368", "authority_key_id": "01b712db6a966ef0ddd8c50d6ddecdb25128ad59", "status": "good" , "pem" : "-----BEGIN CERTIFICATE-----\nMIIGFD................\n-----END CERTIFICATE-----" }' http://cfssl-api:8080/api/v1/cfssl/certadd

returns:

404 page not found

Not sure if I'm missing something...
@minaevmike
Copy link

Hi, have same issue. Can you help me? thank you.

@rchicoli
Copy link

rchicoli commented Jul 4, 2018

I guess this is a little outdated, but for anyone who faces this problem again. It is related to file permissions.
I was having the same issue, after correcting the permission from the ca-key.pem, the cfssl service is able to response http calls correctly.

@r0039
Copy link

r0039 commented Mar 6, 2019

I guess this is a little outdated, but for anyone who faces this problem again. It is related to file permissions.
I was having the same issue, after correcting the permission from the ca-key.pem, the cfssl service is able to response http calls correctly.

hi @rchicoli I did chmod to 644 for ca-key.pem, but it didn't work. I still receive 404 Not Found. Could you please let me know what did you do? Thank you.

My case:
-rw-r--r-- 1 root root 227 Mar 4 06:31 ca-key.pem 

MacBook-Pro:~ tien$ curl -I http://x.x.x.x:8888/api/v1/cfssl/revoke
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Wed, 06 Mar 2019 06:32:55 GMT
Content-Length: 19

@rchicoli
Copy link

rchicoli commented Mar 7, 2019
edited
Loading

it is hard to remember, because it happened a long time ago. But I guess this is how i fixed:

- name: correct ca-key permissions
  file:
    path: "{{ cfssl_data_dir }}/ca-key.pem"
    owner: "{{ cfssl_user }}"

I was having this problem, because my service file was configured to run with a specific user and it did not have the right permissions to access the ca key

[Unit]
Description=CFSSL Server
Requires=network-online.target
After=network-online.target

[Service]
Type=simple
User={{ cfssl_user }}
Group={{ cfssl_group }}
...

@ttinkr
Copy link

ttinkr commented May 2, 2020

@r0039 I know this is a really old thread, but I am facing the same issues even with correct permissions. Did you manage to get it working after all?

@myokoyama28 myokoyama28 mentioned this issue Mar 23, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@minaevmike @johanneslanger @r0039 @rchicoli @ttinkr