You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
curl -X POST --data "name=wnkz" 'http://dcos/service/openvpn/client'
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>500 Internal Server Error</title>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.</p>
On step 3, the following logs are produced on the container:
Easy-RSA error:
Request file already exists. Aborting build to avoid overwriting this file.
If you wish to continue, please use a different name or remove the file.
Matching file found at: /etc/openvpn/pki/reqs/wnkz.req
2015-08-10 14:54:10,411 - dcos_openvpn.web - ERROR - Exception on /client [POST]
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/local/lib/python2.7/dist-packages/webargs-0.13.0-py2.7.egg/webargs/core.py", line 462, in wrapper
return func(parsed_args, *args, **kwargs)
File "dcos_openvpn/web.py", line 33, in create_client
cert.generate(args.get("name"))
File "dcos_openvpn/cert.py", line 16, in generate
name), shell=True)
File "/usr/lib/python2.7/subprocess.py", line 540, in check_call
raise CalledProcessError(retcode, cmd)
CalledProcessError: Command '/dcos/bin/easyrsa build-client-full wnkz nopass' returned non-zero exit status 1
2015-08-10 14:54:10,411 - dcos_openvpn.web - ERROR - Exception on /client [POST]
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/local/lib/python2.7/dist-packages/webargs-0.13.0-py2.7.egg/webargs/core.py", line 462, in wrapper
return func(parsed_args, *args, **kwargs)
File "dcos_openvpn/web.py", line 33, in create_client
cert.generate(args.get("name"))
File "dcos_openvpn/cert.py", line 16, in generate
name), shell=True)
File "/usr/lib/python2.7/subprocess.py", line 540, in check_call
raise CalledProcessError(retcode, cmd)
CalledProcessError: Command '/dcos/bin/easyrsa build-client-full wnkz nopass' returned non-zero exit status 1
2015-08-10 14:54:10,412 - werkzeug - INFO - 10.0.6.220 - - [10/Aug/2015 14:54:10] "POST /client HTTP/1.0" 500 -
My first guess is that you should use revoke-full in the delete process ; this way the certificate would be properly removed and added to the certificate revocation list.
wnkz
linked a pull request
Aug 10, 2015
that will
close
this issue
After default setup on DCOS I cannot create a client with the same name as a previously deleted client, steps to reproduce:
1/
2/
3/
On step 3, the following logs are produced on the container:
It turns out those files are never removed:
The client reference is also present in those files (XX being a number eg. 04):
After removing the first four files and the line in
/etc/openvpn/pki/index.txt
I was able to create the user again from the API.The text was updated successfully, but these errors were encountered: