[
https://issues.apache.org/jira/browse/HDDS-9030?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
MLikeWater closed HDDS-9030.
----------------------------
> Token can't be verified due to expired certificate 448729479270311
> ------------------------------------------------------------------
>
> Key: HDDS-9030
> URL: https://issues.apache.org/jira/browse/HDDS-9030
> Project: Apache Ozone
> Issue Type: Bug
> Components: DN, OM
> Affects Versions: 1.3.0
> Environment: Ozone: 1.3.0
> Reporter: MLikeWater
> Priority: Blocker
>
> When accessing data through ozone shell, the following problems occur:
> {quote}$ ozone fs -cat
> /tgwarehouse/tgdw.db/test_2/part-00000-af5fcf66-941f-47ab-8de6-b1631d44dd05-c000
> cat: Block token verification failed. Token can't be verified due to expired
> certificate 448729479270311
> {quote}
> dn logs:
> {quote}2023-07-17 16:29:45,351 [ChunkReader-0] INFO
> org.apache.hadoop.hdds.security.x509.certificate.client.DNCertificateClient:
> Getting certificate with certSerialId:448729479270311.
> 2023-07-17 16:29:47,388 [ChunkReader-0] INFO
> org.apache.hadoop.ozone.container.common.impl.HddsDispatcher: Operation:
> GetBlock , Trace ID: , Message: Block token verification failed. Token can't
> be verified due to expired certificate 448729479270311 , Result:
> BLOCK_TOKEN_VERIFICATION_FAILED , StorageContainerException Occurred.
> org.apache.hadoop.hdds.scm.container.common.helpers.StorageContainerException:
> Block token verification failed. Token can't be verified due to expired
> certificate 448729479270311
> at
> org.apache.hadoop.ozone.container.common.impl.HddsDispatcher.dispatchRequest(HddsDispatcher.java:213)
> at
> org.apache.hadoop.ozone.container.common.impl.HddsDispatcher.lambda$dispatch$0(HddsDispatcher.java:170)
> at
> org.apache.hadoop.hdds.server.OzoneProtocolMessageDispatcher.processRequest(OzoneProtocolMessageDispatcher.java:87)
> at
> org.apache.hadoop.ozone.container.common.impl.HddsDispatcher.dispatch(HddsDispatcher.java:169)
> at
> org.apache.hadoop.ozone.container.common.transport.server.GrpcXceiverService$1.onNext(GrpcXceiverService.java:57)
> at
> org.apache.hadoop.ozone.container.common.transport.server.GrpcXceiverService$1.onNext(GrpcXceiverService.java:50)
> at
> org.apache.ratis.thirdparty.io.grpc.stub.ServerCalls$StreamingServerCallHandler$StreamingServerCallListener.onMessage(ServerCalls.java:262)
> at
> org.apache.ratis.thirdparty.io.grpc.ForwardingServerCallListener.onMessage(ForwardingServerCallListener.java:33)
> at
> org.apache.hadoop.hdds.tracing.GrpcServerInterceptor$1.onMessage(GrpcServerInterceptor.java:49)
> at
> org.apache.ratis.thirdparty.io.grpc.internal.ServerCallImpl$ServerStreamListenerImpl.messagesAvailableInternal(ServerCallImpl.java:332)
> at
> org.apache.ratis.thirdparty.io.grpc.internal.ServerCallImpl$ServerStreamListenerImpl.messagesAvailable(ServerCallImpl.java:315)
> at
> org.apache.ratis.thirdparty.io.grpc.internal.ServerImpl$JumpToApplicationThreadServerStreamListener$1MessagesAvailable.runInContext(ServerImpl.java:834)
> at
> org.apache.ratis.thirdparty.io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37)
> at
> org.apache.ratis.thirdparty.io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:133)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: org.apache.hadoop.hdds.security.token.BlockTokenException: Token
> can't be verified due to expired certificate 448729479270311
> at
> org.apache.hadoop.hdds.security.token.ShortLivedTokenVerifier.verify(ShortLivedTokenVerifier.java:105)
> at
> org.apache.hadoop.hdds.security.token.CompositeTokenVerifier.verify(CompositeTokenVerifier.java:43)
> at
> org.apache.hadoop.hdds.security.token.TokenVerifier.verify(TokenVerifier.java:71)
> at
> org.apache.hadoop.ozone.container.common.impl.HddsDispatcher.validateToken(HddsDispatcher.java:453)
> at
> org.apache.hadoop.ozone.container.common.impl.HddsDispatcher.dispatchRequest(HddsDispatcher.java:210)
> ... 16 more
> {quote}
> When view certs, the om and dn certificates have expired:
> {quote}ozone admin cert list{quote}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
