AWS CodeDeploy not deploying on Lightsail basic setup SSL

Question

So I'm following this tutorial: https://aws.amazon.com/blogs/compute/using-aws-codedeploy-and-aws-codepipeline-to-deploy-applications-to-amazon-lightsail/

Which has worked admirably up until the point at which I had to actually run the deploy step.

I can't find any decent logs of anything that might have happened in the CodeDeploy deployment web interface. The logs at /var/log/aws/codedeploy-agent/codedeploy-agent.log are sorta helpful

2020-08-28 21:03:47 INFO  [codedeploy-agent(2990)]: InstanceAgent::Plugins::CodeDeployPlugin::CommandExecutor: Archives to retain is: 5}
2020-08-28 21:03:47 ERROR [codedeploy-agent(2990)]: InstanceAgent::Plugins::CodeDeployPlugin::CodeDeployControl: Error during certificate verification on codedeploy endpoint
 https://codedeploy-commands.us-east-2a.amazonaws.com
2020-08-28 21:03:47 ERROR [codedeploy-agent(2990)]: Error validating the SSL configuration: Invalid server certificate
2020-08-28 21:03:47 ERROR [codedeploy-agent(2990)]: booting child: error during start or run: SystemExit - Stopping CodeDeploy agent due to SSL validation error. - /opt/code
deploy-agent/lib/instance_agent/plugins/codedeploy/command_poller.rb:65:in `abort'
/opt/codedeploy-agent/lib/instance_agent/plugins/codedeploy/command_poller.rb:65:in `validate'
/opt/codedeploy-agent/lib/instance_agent/agent/base.rb:11:in `runner'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:32:in `block in prepare_run'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:78:in `with_error_handling'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:31:in `prepare_run'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:64:in `block in prepare_run_with_error_handling'
/opt/codedeploy-agent/lib/instance_agent/runner/child.rb:78:in `with_error_handling'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:63:in `prepare_run_with_error_handling'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/child.rb:20:in `start'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:206:in `block in spawn_child'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:204:in `fork'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:204:in `spawn_child'
/opt/codedeploy-agent/vendor/gems/process_manager-0.0.13/lib/process_manager/master.rb:283:in `block (2 levels) in replace_terminated_children'
/opt/codedeploy-agent/vendor/gems/logging-1.8.2/lib/logging/diagnostic_context.rb:323:in `call'
/opt/codedeploy-agent/vendor/gems/logging-1.8.2/lib/logging/diagnostic_context.rb:323:in `block in create_with_logging_context'
2020-08-28 21:03:47 ERROR [codedeploy-agent(2990)]: booting child: error during start or run: SystemExit - exit - /opt/codedeploy-agent/lib/instance_agent/runner/child.rb:90
:in `exit

I think the core thing there is maybe that ssl thing. Was I supposed to have done some sort of ssl thing? I haven't done anything at all.

I found this: https://serverfault.com/questions/767680/amazon-codedeploy-failing-on-invalid-certificate/962350 Which seems to be similar/the same, but restarting the LightSail instance didn't seem to help, and it does seem like it has internet.

I appreciate any help you've got, thanks a lot!

Answer 1

Finally figured it out - I had been using the location: us-east-2a for everything because that's what it said on my lightsail instance. Apparently, the "a" is not actually part of it, and somehow that was causing the SSL issue I was seeing.

I had to go into /etc/codedeploy-agent/conf/codedeploy.onpremises.yml and change the region name to us-east-2.

I hope this saves at least one person from having this super confusing issue.