yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #10385
[Bug 1285833] Re: Keystone client racing on certificate lookups causing 404 Unauthorized on API calls
** Project changed: keystone => python-keystoneclient
** Changed in: python-keystoneclient
Milestone: None => 0.6.1
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1285833
Title:
Keystone client racing on certificate lookups causing 404 Unauthorized
on API calls
Status in Cinder:
Confirmed
Status in Python client library for Keystone:
New
Bug description:
DEBUG keystoneclient.middleware.auth_token [-] Token validation failure. _validate_user_token /opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py:849
TRACE keystoneclient.middleware.auth_token Traceback (most recent call last):
TRACE keystoneclient.middleware.auth_token File "/opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py", line 836, in _validate_user_token
TRACE keystoneclient.middleware.auth_token verified = self.verify_signed_token(user_token)
TRACE keystoneclient.middleware.auth_token File "/opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py", line 1275, in verify_signed_token
TRACE keystoneclient.middleware.auth_token if self.is_signed_token_revoked(signed_text):
TRACE keystoneclient.middleware.auth_token File "/opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py", line 1233, in is_signed_token_revoked
TRACE keystoneclient.middleware.auth_token revocation_list = self.token_revocation_list
TRACE keystoneclient.middleware.auth_token File "/opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py", line 1329, in token_revocation_list
TRACE keystoneclient.middleware.auth_token self.token_revocation_list = self.fetch_revocation_list()
TRACE keystoneclient.middleware.auth_token File "/opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py", line 1366, in fetch_revocation_list
TRACE keystoneclient.middleware.auth_token return self.cms_verify(data['signed'])
TRACE keystoneclient.middleware.auth_token File "/opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py", line 1257, in cms_verify
TRACE keystoneclient.middleware.auth_token self.signing_ca_file_name)
TRACE keystoneclient.middleware.auth_token File "/opt/stack/new/python-keystoneclient/keystoneclient/common/cms.py", line 134, in cms_verify
TRACE keystoneclient.middleware.auth_token raise exceptions.CertificateConfigError(err)
TRACE keystoneclient.middleware.auth_token CertificateConfigError: Unable to load certificate. Ensure your system is configured properly.
TRACE keystoneclient.middleware.auth_token
DEBUG keystoneclient.middleware.auth_token [-] Marking token a961b45e3f117dd58b4afc6564d556fa as unauthorized in memcache _cache_store_invalid /opt/stack/new/python-keystoneclient/keystoneclient/middleware/auth_token.py:1170
WARNING keystoneclient.middleware.auth_token [-] Authorization failed for token a961b45e3f117dd58b4afc6564d556fa
INFO keystoneclient.middleware.auth_token [-] Invalid user token - rejecting request
INFO eventlet.wsgi.server [-] 127.0.0.1 - - [27/Feb/2014 16:50:36] "POST /v1/4ef47f119bc04d6dae054a5035359641/volumes HTTP/1.1" 401 191 0.299349
http://logs.openstack.org/35/75535/1/gate/gate-grenade-
dsvm/3c8e07e/logs/new/screen-c-api.txt.gz?#_2014-02-27_16_50_36_158
logstash query: message:"CertificateConfigError: Unable to load
certificate. Ensure your system is configured properly." AND NOT
filename:"logs/screen-n-api.txt"
To manage notifications about this bug go to:
https://bugs.launchpad.net/cinder/+bug/1285833/+subscriptions
References