0

In our PCF lab instance, I installed config server from market place and trying with sample cook app and making it to connect to config server. I didn't set any env variable and only thing I set is git uri as below.

"git": {
        "password": "****",
        "searchPaths": "*.*",
        "cloneOnStart": "true",
        "label": "master",
        "skipSslValidation": "true",
        "uri": "https://git-cd.isus.com/ctm/config-files.git",
        "username": "muthu_annamalai"
    }

I tested the git with local config server and it fetches fine. But in lab environment I am getting below exception.

2018-05-01 17:46:33.548 ERROR 14 --- [nio-8080-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://config-e778f757-09a4-4a2c-9183-3961ee573f0a.pcfapps.saas.local/cook/cloud/master/dessert.json": java.security.cert.CertificateException: No subject alternative DNS name matching config-e778f757-09a4-4a2c-9183-3961ee573f0a.pcfapps.saas.local found.; nested exception is javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No subject alternative DNS name matching config-e778f757-09a4-4a2c-9183-3961ee573f0a.pcfapps.saas.local found.] with root cause java.security.cert.CertificateException: No subject alternative DNS name matching config-e778f757-09a4-4a2c-9183-3961ee573f0a.pcfapps.saas.local found.

Muthu Annamalai
  • 31
  • 1
  • 4
  • I added proxy host and port as in this post https://stackoverflow.com/questions/44053356/spring-cloud-config-server-with-git-cannot-clone-or-checkout-repository-connec?rq=1 Now I am getting "There was an unexpected error (type=Internal Server Error, status=500). Error requesting access token." – Muthu Annamalai May 01 '18 at 21:20
  • The `No subject alternative DNS name matching...` error is indicating a problem with the cert used on the PCF load balancer. Normally you'd have a wildcard SAN entry like `*.pcfapps.saas.local` to match all your apps deployed under that domain. You can look at the cert on your load balancer with your browser (click the lock icon) to see what SAN's are available. You might need your platform operator to investigate, if you don't have that level of access. – Daniel Mikusa May 02 '18 at 17:35
  • As to the 500 error, you need to get the logs from the server to which you were speaking. That would indicate there is some stack trace to show the exact problem. – Daniel Mikusa May 02 '18 at 17:36

0 Answers0