Generating a certificate requires write permissions on the ca.serial.txt file to record the fact that another certificate was signed using the CA.
On Tue, Feb 9, 2016 at 9:54 AM, Den Cowboy <[email protected]> wrote: > What's the best way to use this files without using sudo? > I performed a chmod + r on it. > > But when I try the following without sudo: > $ oadm ca create-server-cert --signer-cert=ca.crt \ > > --signer-key=ca.key --signer-serial=ca.serial.txt \ > > --hostnames='docker-registry.default.svc.cluster.local,172.30.21.34' > \ > > --cert=registry.crt --key=registry.key > panic: runtime error: invalid memory address or nil pointer dereference > [signal 0xb code=0x1 addr=0x0 pc=0xcf747c] > > goroutine 1 [running]: > > github.com/openshift/origin/pkg/cmd/server/crypto.encodeCertificates(0xc2084a84c0, > 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0) > /builddir/build/BUILD/origin-git-0.ce0e67f/_build/src/ > github.com/openshift/origin/pkg/cmd/server/crypto/crypto.go:467 +0x2bc > > github.com/openshift/origin/pkg/cmd/server/crypto.writeCertificates(0x7fff9db9d68e, > 0xc, 0xc2084a84c0, 0x2, 0x2, 0x0, 0x0) > /builddir/build/BUILD/origin-git-0.ce0e67f/_build/src/ > github.com/openshift/origin/pkg/cmd/server/crypto/crypto.go:501 +0xdf > > github.com/openshift/origin/pkg/cmd/server/crypto.(*TLSCertificateConfig).writeCertConfig(0xc2083c0690, > 0x7fff9db9d68e, 0xc, 0x7fff9db9d6a1, 0xc, 0x0, 0x0) > /builddir/build/BUILD/origin-git-0.ce0e67f/_build/src/ > github.com/openshift/origin/pkg/cmd/server/crypto/crypto.go:71 +0x67 > > github.com/openshift/origin/pkg/cmd/server/crypto.(*CA).MakeServerCert(0xc2083c0750, > 0x7fff9db9d68e, 0xc, 0x7fff9db9d6a1, 0xc, 0xc2083c0780, 0x1, 0x0, 0x0) > /builddir/build/BUILD/origin-git-0.ce0e67f/_build/src/ > github.com/openshift/origin/pkg/cmd/server/crypto/crypto.go:258 +0x5b2 > > github.com/openshift/origin/pkg/cmd/server/admin.CreateServerCertOptions.CreateServerCert(0xc20847fcc0, > 0x7fff9db9d68e, 0xc, 0x7fff9db9d6a1, 0xc, 0xc2084e6060, 0x2, 0x2, 0x1, > 0x7f6276ae9530, ...) > /builddir/build/BUILD/origin-git-0.ce0e67f/_build/src/ > github.com/openshift/origin/pkg/cmd/server/admin/create_servercert.go:116 > +0x224 > github.com/openshift/origin/pkg/cmd/server/admin.func·015(0xc2084c7e00 > <http://github.com/openshift/origin/pkg/cmd/server/admin.func%C2%B7015(0xc2084c7e00>, > 0xc2081d3c20, 0x0, 0x6) > /builddir/build/BUILD/origin-git-0.ce0e67f/_build/src/ > github.com/openshift/origin/pkg/cmd/server/admin/create_servercert.go:59 > +0x139 > github.com/spf13/cobra.(*Command).execute(0xc2084c7e00, 0xc2081d3b60, > 0x6, 0x6, 0x0, 0x0) > /builddir/build/BUILD/origin-git-0.ce0e67f/_thirdpartyhacks/src/ > github.com/spf13/cobra/command.go:572 +0x82f > github.com/spf13/cobra.(*Command).ExecuteC(0xc2084a2200, 0xc2084c7e00, > 0x0, 0x0) > /builddir/build/BUILD/origin-git-0.ce0e67f/_thirdpartyhacks/src/ > github.com/spf13/cobra/command.go:662 +0x4db > github.com/spf13/cobra.(*Command).Execute(0xc2084a2200, 0x0, 0x0) > /builddir/build/BUILD/origin-git-0.ce0e67f/_thirdpartyhacks/src/ > github.com/spf13/cobra/command.go:618 +0x3a > main.main() > /builddir/build/BUILD/origin-git-0.ce0e67f/_build/src/ > github.com/openshift/origin/cmd/openshift/openshift.go:22 +0x175 > > goroutine 5 [syscall]: > os/signal.loop() > /usr/lib/golang/src/os/signal/signal_unix.go:21 +0x1f > created by os/signal.init·1 > /usr/lib/golang/src/os/signal/signal_unix.go:27 +0x35 > > goroutine 10 [chan receive]: > github.com/golang/glog.(*loggingT).flushDaemon(0x4c5e680) > /builddir/build/BUILD/origin-git-0.ce0e67f/_thirdpartyhacks/src/ > github.com/golang/glog/glog.go:879 +0x78 > created by github.com/golang/glog.init·1 > <http://github.com/golang/glog.init%C2%B71> > /builddir/build/BUILD/origin-git-0.ce0e67f/_thirdpartyhacks/src/ > github.com/golang/glog/glog.go:410 +0x2a7 > > goroutine 17 [syscall, locked to thread]: > runtime.goexit() > /usr/lib/golang/src/runtime/asm_amd64.s:2232 +0x1 > > _______________________________________________ > users mailing list > [email protected] > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > >
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
