OpenCTI-Platform / opencti

Open Cyber Threat Intelligence Platform
https://opencti.io

OPENCTI - docker, access key, S3error, unable to connect to web interface #1744

Closed pyred123 closed 2 years ago

pyred123 commented 2 years ago

Prerequisites

Description

Hi all, I'm attempting to run OpenCTI using Docker on Ubuntu-20.04.3. I am unable to access the web interface (localhost:4000) and have what seems to be many errors when trying to build/run the containers. Any information to get OpenCTI up and running would be greatly appreciated :)

example error: {"error":{"name":"UnknownError","data":{"message":"The Access Key Id you provided does not exist in our records.","_stack":"S3Error: The Access Key Id you provided does not exist in our records.\n at Object.parseError (/opt/opencti/node_modules/minio/dist/main/xml-parsers.js:89:11)\n at /opt/opencti/node_modules/minio/dist/main/transformers.js:164:22\n at DestroyableTransform._flush (/opt/opencti/node_modules/minio/dist/main/transformers.js:88:10)\n at DestroyableTransform.prefinish (/opt/opencti/node_modules/readable-stream/lib/_stream_transform.js:129:10)\n at DestroyableTransform.emit (node:events:394:28)\n at prefinish (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:611:14)\n at finishMaybe (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:620:5)\n at endWritable (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:643:3)\n at DestroyableTransform.Writable.end (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:571:22)\n at IncomingMessage.onend (node:internal/streams/readable:688:10)\n at Object.onceWrapper (node:events:513:28)\n at IncomingMessage.emit (node:events:406:35)\n at endReadableNT (node:internal/streams/readable:1331:12)\n at processTicksAndRejections (node:internal/process/task_queues:83:21)"}},"category":"APP","version":"5.0.3","level":"error","message":"[OPENCTI] Platform initialization fail","timestamp":"2021-11-24T03:39:16.938Z"}

and opt/opencti/node_modules/minio/dist/main/xml-parsers.js:89 opencti_1 | var e = new errors.S3Error(); opencti_1 | ^ opencti_1 | S3Error: The Access Key Id you provided does not exist in our records. opencti_1 | at Object.parseError (/opt/opencti/node_modules/minio/dist/main/xml-parsers.js:89:11) opencti_1 | at /opt/opencti/node_modules/minio/dist/main/transformers.js:164:22 opencti_1 | at DestroyableTransform._flush (/opt/opencti/node_modules/minio/dist/main/transformers.js:88:10) opencti_1 | at DestroyableTransform.prefinish (/opt/opencti/node_modules/readable-stream/lib/_stream_transform.js:129:10) opencti_1 | at DestroyableTransform.emit (node:events:394:28) opencti_1 | at prefinish (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:611:14) opencti_1 | at finishMaybe (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:620:5) opencti_1 | at endWritable (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:643:3) opencti_1 | at DestroyableTransform.Writable.end (/opt/opencti/node_modules/readable-stream/lib/_stream_writable.js:571:22) opencti_1 | at IncomingMessage.onend (node:internal/streams/readable:688:10) opencti_1 | at Object.onceWrapper (node:events:513:28) opencti_1 | at IncomingMessage.emit (node:events:406:35) opencti_1 | at endReadableNT (node:internal/streams/readable:1331:12) opencti_1 | at processTicksAndRejections (node:internal/process/task_queues:83:21)

.env file `OPENCTI_ADMIN_EMAIL=admin@opencti.io

# Password for the initial admin account (passed to the platform as
# APP__ADMIN__PASSWORD). A short dictionary value like this should be replaced
# before port 4000 is reachable by anyone else.
OPENCTI_ADMIN_PASSWORD=opencti

# Used as APP__ADMIN__TOKEN and also as OPENCTI_TOKEN by the worker and every
# connector in the compose file. This UUID has been posted publicly, so
# generate a fresh one for any real deployment.
OPENCTI_ADMIN_TOKEN=c1f9689d-ba7d-4bc9-b661-c26bf5fb20ca

# MinIO root account; the platform reuses it as MINIO__ACCESS_KEY.
MINIO_ROOT_USER=admin

# MinIO requires a root password of at least 8 characters; this value has 6,
# so MinIO would reject it once the variable actually reaches the container.
MINIO_ROOT_PASSWORD=admin1

# guest/guest are RabbitMQ's well-known default credentials; choose unique ones.
RABBITMQ_DEFAULT_USER=guest

RABBITMQ_DEFAULT_PASS=guest

# One UUID per connector instance (passed to each connector as CONNECTOR_ID).
CONNECTOR_HISTORY_ID=ae2eaae6-0064-4229-b700-e8831990a1eb

CONNECTOR_EXPORT_FILE_STIX_ID=6dbc66e1-9f7d-46b5-bb65-56d9b817d42f

CONNECTOR_EXPORT_FILE_CSV_ID=82088983-d80e-479c-b46e-bad4665c92fb

CONNECTOR_IMPORT_FILE_STIX_ID=2027593c-ae34-4dd0-b8d4-6c7b5ba6c3d2

CONNECTOR_IMPORT_REPORT_ID=f478b9d0-7d5a-41ca-9965-2acb5c250173

SMTP_HOSTNAME=cti.Mail.Com`

docker-compose.yml `version: '3'

services:

# Redis service; nest under `services:` in the real file (this page lost the
# original indentation).
redis:
  # Pinned tag, so an upgrade is an explicit edit rather than a silent pull.
  image: "redis:6.2.6"
  volumes:
    # Named volume keeps Redis data across container re-creation.
    - "redisdata:/data"
  # No `ports:` entry and no password are configured here, so access control
  # relies on Redis staying reachable only from the Compose network.
  restart: always

# Elasticsearch service; nest under `services:` in the real file (this page
# lost the original indentation).
elasticsearch:
  image: "docker.elastic.co/elasticsearch/elasticsearch:7.15.1"
  restart: always
  volumes:
    - "esdata:/usr/share/elasticsearch/data"
  # No authentication settings appear here and no port is published, so the
  # node is protected only by staying on the Compose network.
  environment:
    discovery.type: "single-node"
    xpack.ml.enabled: "false"
    # Fixed 8 GiB JVM heap; the host needs noticeably more RAM than this.
    ES_JAVA_OPTS: "-Xms8G -Xmx8G"
  ulimits:
    # -1 lifts the locked-memory limit for the container.
    memlock: {soft: -1, hard: -1}
    nofile: {soft: 65536, hard: 65536}

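# MinIO (S3-compatible storage) service; nest under `services:` in the real
# file (this page lost the original indentation).
minio:
  image: "minio/minio:RELEASE.2021-10-13T00-23-17Z"
  volumes:
    - "s3data:/data"
  ports:
    # Publishes the S3 API on every host interface. If only the opencti
    # container needs it, bind to loopback ("127.0.0.1:9000:9000") or drop
    # this mapping.
    - "9000:9000"
  environment:
    # List-form entries must be KEY=VALUE. The original `KEY:${VAR}` form is
    # read by Compose as a bare variable name, so neither credential reached
    # the container. MinIO then starts with its documented default root
    # credentials, and the platform's access key is rejected with
    # "The Access Key Id you provided does not exist in our records".
    - "MINIO_ROOT_USER=${MINIO_ROOT_USER}"
    # MinIO requires this value to be at least 8 characters long.
    - "MINIO_ROOT_PASSWORD=${MINIO_ROOT_PASSWORD}"
  command: server /data
  healthcheck:
    # Liveness probe against MinIO's own health endpoint inside the container.
    test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
    interval: 30s
    timeout: 20s
    retries: 3
  restart: always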

# RabbitMQ service; nest under `services:` in the real file (this page lost the
# original indentation).
rabbitmq:
  image: "rabbitmq:3.9-management"
  restart: always
  volumes:
    - "amqpdata:/var/lib/rabbitmq"
  # Broker account comes from .env; no port is published, so the broker and
  # its management API are reachable only from the Compose network.
  environment:
    RABBITMQ_DEFAULT_USER: "${RABBITMQ_DEFAULT_USER}"
    RABBITMQ_DEFAULT_PASS: "${RABBITMQ_DEFAULT_PASS}"

# OpenCTI platform service; nest under `services:` in the real file (this page
# lost the original indentation).
opencti:
  image: "opencti/platform:5.0.3"
  restart: always
  depends_on:
    # Short-form depends_on only orders container start; it does not wait for
    # the backends to be ready.
    - redis
    - elasticsearch
    - minio
    - rabbitmq
  ports:
    # Web UI and API are published on every host interface.
    - "4000:4000"
  environment:
    NODE_OPTIONS: "--max-old-space-size=16384"
    APP__PORT: "4000"
    # Initial admin account and API token, taken from .env.
    APP__ADMIN__EMAIL: "${OPENCTI_ADMIN_EMAIL}"
    APP__ADMIN__PASSWORD: "${OPENCTI_ADMIN_PASSWORD}"
    APP__ADMIN__TOKEN: "${OPENCTI_ADMIN_TOKEN}"
    APP__APP_LOGS__LOGS_LEVEL: "error"
    REDIS__HOSTNAME: "redis"
    REDIS__PORT: "6379"
    # Plain HTTP to Elasticsearch; traffic stays on the Compose network.
    ELASTICSEARCH__URL: "http://elasticsearch:9200"
    MINIO__ENDPOINT: "minio"
    MINIO__PORT: "9000"
    MINIO__USE_SSL: "false"
    # Must match the root credentials the minio service actually starts with;
    # a mismatch is rejected by MinIO as an unknown access key.
    MINIO__ACCESS_KEY: "${MINIO_ROOT_USER}"
    MINIO__SECRET_KEY: "${MINIO_ROOT_PASSWORD}"
    RABBITMQ__HOSTNAME: "rabbitmq"
    RABBITMQ__PORT: "5672"
    RABBITMQ__PORT_MANAGEMENT: "15672"
    RABBITMQ__MANAGEMENT_SSL: "false"
    RABBITMQ__USERNAME: "${RABBITMQ_DEFAULT_USER}"
    RABBITMQ__PASSWORD: "${RABBITMQ_DEFAULT_PASS}"
    SMTP__HOSTNAME: "${SMTP_HOSTNAME}"
    SMTP__PORT: "25"
    PROVIDERS__LOCAL__STRATEGY: "LocalStrategy"

# Worker service; nest under `services:` in the real file (this page lost the
# original indentation).
worker:
  image: "opencti/worker:5.0.3"
  restart: always
  depends_on:
    - opencti
  deploy:
    mode: replicated
    replicas: 3
  environment:
    OPENCTI_URL: "http://opencti:4000"
    # The worker authenticates with the platform admin token from .env.
    OPENCTI_TOKEN: "${OPENCTI_ADMIN_TOKEN}"
    WORKER_LOG_LEVEL: "info"

# History connector; nest under `services:` in the real file (this page lost
# the original indentation).
connector-history:
  image: "opencti/connector-history:5.0.3"
  depends_on:
    - opencti
  restart: always
  environment:
    OPENCTI_URL: "http://opencti:4000"
    # Reuses the platform admin token; a dedicated, less-privileged token
    # would limit what a compromised connector can do.
    OPENCTI_TOKEN: "${OPENCTI_ADMIN_TOKEN}"
    CONNECTOR_ID: "${CONNECTOR_HISTORY_ID}"
    CONNECTOR_TYPE: "STREAM"
    CONNECTOR_NAME: "History"
    CONNECTOR_SCOPE: "history"
    CONNECTOR_CONFIDENCE_LEVEL: "15"
    CONNECTOR_LOG_LEVEL: "info"

# STIX export connector; nest under `services:` in the real file (this page
# lost the original indentation).
connector-export-file-stix:
  image: "opencti/connector-export-file-stix:5.0.3"
  depends_on:
    - opencti
  restart: always
  environment:
    OPENCTI_URL: "http://opencti:4000"
    # Reuses the platform admin token from .env.
    OPENCTI_TOKEN: "${OPENCTI_ADMIN_TOKEN}"
    CONNECTOR_ID: "${CONNECTOR_EXPORT_FILE_STIX_ID}"
    CONNECTOR_TYPE: "INTERNAL_EXPORT_FILE"
    CONNECTOR_NAME: "ExportFileStix2"
    CONNECTOR_SCOPE: "application/json"
    CONNECTOR_CONFIDENCE_LEVEL: "15"
    CONNECTOR_LOG_LEVEL: "info"

# CSV export connector; nest under `services:` in the real file (this page
# lost the original indentation).
connector-export-file-csv:
  image: "opencti/connector-export-file-csv:5.0.3"
  depends_on:
    - opencti
  restart: always
  environment:
    OPENCTI_URL: "http://opencti:4000"
    # Reuses the platform admin token from .env.
    OPENCTI_TOKEN: "${OPENCTI_ADMIN_TOKEN}"
    CONNECTOR_ID: "${CONNECTOR_EXPORT_FILE_CSV_ID}"
    CONNECTOR_TYPE: "INTERNAL_EXPORT_FILE"
    CONNECTOR_NAME: "ExportFileCsv"
    CONNECTOR_SCOPE: "text/csv"
    CONNECTOR_CONFIDENCE_LEVEL: "15"
    CONNECTOR_LOG_LEVEL: "info"

# STIX import connector; nest under `services:` in the real file (this page
# lost the original indentation).
connector-import-file-stix:
  image: "opencti/connector-import-file-stix:5.0.3"
  depends_on:
    - opencti
  restart: always
  environment:
    OPENCTI_URL: "http://opencti:4000"
    # Reuses the platform admin token from .env.
    OPENCTI_TOKEN: "${OPENCTI_ADMIN_TOKEN}"
    CONNECTOR_ID: "${CONNECTOR_IMPORT_FILE_STIX_ID}"
    CONNECTOR_TYPE: "INTERNAL_IMPORT_FILE"
    CONNECTOR_NAME: "ImportFileStix"
    # Handles uploaded JSON and XML files.
    CONNECTOR_SCOPE: "application/json,text/xml"
    CONNECTOR_AUTO: "false"
    CONNECTOR_CONFIDENCE_LEVEL: "15"
    CONNECTOR_LOG_LEVEL: "info"

# Report import connector; nest under `services:` in the real file (this page
# lost the original indentation).
connector-import-report:
  image: "opencti/connector-import-report:5.0.3"
  depends_on:
    - opencti
  restart: always
  environment:
    OPENCTI_URL: "http://opencti:4000"
    # Reuses the platform admin token from .env.
    OPENCTI_TOKEN: "${OPENCTI_ADMIN_TOKEN}"
    CONNECTOR_ID: "${CONNECTOR_IMPORT_REPORT_ID}"
    CONNECTOR_TYPE: "INTERNAL_IMPORT_FILE"
    CONNECTOR_NAME: "ImportReport"
    # Handles uploaded PDF and plain-text files.
    CONNECTOR_SCOPE: "application/pdf,text/plain"
    CONNECTOR_AUTO: "false"
    CONNECTOR_ONLY_CONTEXTUAL: "true"
    CONNECTOR_CONFIDENCE_LEVEL: "15"
    CONNECTOR_LOG_LEVEL: "info"
    IMPORT_REPORT_CREATE_INDICATOR: "false"

volumes:

esdata:

s3data:

redisdata:

amqpdata:`

Environment

  1. Ubuntu 20.04.3
  2. OpenCTI version: Unsure (as @ 23/11/2021)
11173776 commented 2 years ago

That's exactly the same problem I'm facing.

pyred123 commented 2 years ago

@11173776 I ended up reinstalling Ubuntu 20.04 LTS and starting over, where this time it worked.

The second time around I didn't really need to edit the docker-compose.yml file, I just created a new .env file in the same directory and ran the docker-compose up command.