當裝好Octopus Tentacle 並註冊到Octopus Server之後,雖然在Octopus Server看到Tentcle顯示在上面了,但實際執行部署時Octopus Server卻丟出類似底下的錯誤。

 

Issue:

The step failed: Activity Check DB Connectivity - AccountDB on AWS-PLS-XXXXX failed with error 'An error occurred when sending a request to 'https://aws-pls-XXXXX.sdi.trendnet.org:10933/', after the request began: The server at https://aws-pls-XXXXX.sdi.trendnet.org:10933/ presented an unexpected security certificate. We expected the server to present a certificate with the thumbprint '2A35265B9490D099A3D30C424C1CA2DB518F07EA'. Instead, it presented a certificate with a thumbprint of '2F110D60EBE9BDD5BD1459C393C34AEF027599FA' and subject 'CN=Octopus Tentacle'. This usually happens when the client has been configured to expect the server to have the wrong certificate, or when the certificate on the server has been regenerated and the client has not been updated. It may also happen if someone is performing a man-in-the-middle attack on the remote machine, or if a proxy server is intercepting requests. Please check the certificate used on the server, and verify that the client has been configured correctly.

The server at https://aws-pls-XXXXX.sdi.trendnet.org:10933/ presented an unexpected security certificate. We expected the server to present a certificate with the thumbprint '2A35265B9490D099A3D30C424C1CA2DB518F07EA'. Instead, it presented a certificate with a thumbprint of '2F110D60EBE9BDD5BD1459C393C34AEF027599FA' and subject 'CN=Octopus Tentacle'. This usually happens when the client has been configured to expect the server to have the wrong certificate, or when the certificate on the server has been regenerated and the client has not been updated. It may also happen if someone is performing a man-in-the-middle attack on the remote machine, or if a proxy server is intercepting requests. Please check the certificate used on the server, and verify that the client has been configured correctly.'.

 

Root Cause:

Octopus 上機器的 thumbprint 實際上在機器裡設定的 thumbprint 不一致故導致 "The server at https://aws-pls-XXXXX.sdi.trendnet.org:10933/ presented an unexpected security certificate." error.

 

只要把Octopus Server該機器的 thumbprint 設定更改成與Tentacle一致即可,因為Octopus是透過Tentacle作為certificate來溝通的。

 

Octopus Server上的 Thumbprint設定調整成Tentacle的一致

 

Octopus Tentacle上的 Thumbprint設定

 

然後再重新執行部署便可以看到剛剛錯誤不見了。

 

2017712日星期三 18:13

arrow
arrow

    jackterrylau 發表在 痞客邦 留言(0) 人氣()