concourse / concourse-bosh-deployment

A toolchain for deploying Concourse with BOSH.
Apache License 2.0

Deploying concourse with cf auth and a self signed certificate doesn't copy the certificate to "/var/vcap/jobs/atc/config/cf_ca_cert" in atc VM #138

Closed bjalonmontanes closed 5 years ago

bjalonmontanes commented 5 years ago

When deploying Concourse with CF AUTH with a self-signed certificate (using the _cacert field), you will see the following error in the atc job:

server: Failed to open connector cf: failed to open connector: failed to create connector cf: no certs found in root CA file "/var/vcap/jobs/atc/config/cf_ca_cert"

The workaround is to copy the cert to /var/vcap/jobs/atc/config/cf_ca_cert and run monit start atc.

The options to deploy that have been used are the following:

-o concourse-deployment/cluster/operations/cf-auth.yml 
--var-file ca_cert=vars/cf_ca_cert_2.pem

(along with cf_client_id, cf_client_secret and cf_api_url)

Thanks
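The error quoted in this report is what a TLS client raises when the CA file it is pointed at holds no PEM certificate. The Go check below is an added example, not code from Concourse or this repository: `checkCABundle` and `constructedCAPEM` are hypothetical names, and the demo CA is generated on the fly. It counts the certificates in a file's contents so an empty or key-only `cf_ca_cert` can be caught before `atc` is restarted.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// checkCABundle counts the certificates in a CA file and fails when it has none.
func checkCABundle(path string, data []byte) (int, error) {
	n := 0
	for b, rest := pem.Decode(data); b != nil; b, rest = pem.Decode(rest) {
		if b.Type != "CERTIFICATE" {
			continue // keys and other PEM blocks are not trust anchors
		}
		if _, err := x509.ParseCertificate(b.Bytes); err != nil {
			return n, fmt.Errorf("unparseable certificate in %q: %w", path, err)
		}
		n++
	}
	if n == 0 {
		return 0, fmt.Errorf("no certs found in root CA file %q", path)
	}
	return n, nil
}

// constructedCAPEM returns a throwaway self-signed CA built only for this demo.
func constructedCAPEM() []byte {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "demo-cf-ca"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour), IsCA: true, BasicConstraintsValid: true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		panic(err)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

func main() {
	fmt.Println(checkCABundle("cf_ca_cert", nil)) // empty file, as in the report
	fmt.Println(checkCABundle("cf_ca_cert", constructedCAPEM()))
}
```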

gaigaslab-operations commented 5 years ago

I can confirm that I, too, have this issue. Since we have 2 x ATC, it makes it very difficult to apply changes to the deployment (because ATC fails on the first and never tries to implement ANY changes on the 2nd).

gaigaslab-operations commented 5 years ago

@bjalonmontanes Did you ever find a solution to this? I can find no documentation of the right syntax for updating the cf_ca_cert file.

vito commented 5 years ago

This should be fixed in the 5.0 release.