genesis-community / genesis

A BOSH Deployment Paradigm
MIT License

check secret fails for non-safe generated certs #418

Open r0bm3 opened 4 years ago

r0bm3 commented 4 years ago

This example is from the vault kit, but we replicated the issue with the shield kit as well.

[ops] running secrets checks...

Validating 3 secrets for ops under path '/secret/ops/vault/':
[1/3] certs/ca X509 certificate ...
Use of uninitialized value $modulus in string eq at /home/rmeissner/.geese/lib/Genesis/Vault.pm line 1480.
Use of uninitialized value $keyModulus in string eq at /home/rmeissner/.geese/lib/Genesis/Vault.pm line 1480.
Use of uninitialized value $expires in sprintf at /home/rmeissner/.geese/lib/Genesis/Vault.pm line 1493.
invalid!
  [✘ ] Self-Signed
  [✘ ] Valid: expired 18466 days ago ()
  [⚠ ] Default CA key usage (missing: client_auth, server_auth; extra: digital_signature)

[2/3] certs/consul X509 certificate ...
Use of uninitialized value $subjectCN in string eq at /home/rmeissner/.geese/lib/Genesis/Vault.pm line 1378.
Use of uninitialized value $subjectCN in concatenation (.) or string at /home/rmeissner/.geese/lib/Genesis/Vault.pm line 1380.
Use of uninitialized value $modulus in string eq at /home/rmeissner/.geese/lib/Genesis/Vault.pm line 1480.
Use of uninitialized value $expires in sprintf at /home/rmeissner/.geese/lib/Genesis/Vault.pm line 1493.
invalid!
  [✘ ] Valid: expired 18466 days ago ()
  [✘ ] Modulus Agreement
  [⚠ ] Subject Name 'consul_vault_peer' (found '')
  [⚠ ] Subject Alt Names (missing: 127.0.0.1, consul_vault_peer; extra: *.sub.contoso.com, sub.contoso.com)
  [⚠ ] Default key usage (extra: digital_signature, key_encipherment)

[3/3] certs/vault X509 certificate ... missing!
Failed - Duration: 0 seconds [0 validated/0 skipped/3 errors]

Preflight checks failed; deployment operation halted.

dennisjbell commented 4 years ago

Can you provide the output of `openssl x509 -in cert.crt -text -fingerprint -modulus -noout`, as well as your openssl version, OS type and version, and what you used to generate the cert? If you don't want to paste that information here, feel free to DM it to me (dennis) in the genesis slack org (see here: https://genesisproject.io/community/ for connecting to the slack org).
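The `Use of uninitialized value` warnings in the report above mean a field (modulus, key modulus, expiry, subject CN) was never parsed out of the certificate, and the comparison then ran against an undefined value, which is why "expired 18466 days ago ()" and "found ''" appear. As an added illustration (not Genesis code and not part of this thread), the Python below parses constructed `openssl x509 -text -modulus -noout` and `openssl rsa -modulus -noout` output of the kind requested in the comment above, runs the same categories of check the report lists (validity, modulus agreement, subject name, SANs, key usage), and reports a field it could not find as an explicit `unknown` result instead of comparing against an empty value. The sample certificate text, the non-matching key modulus, the expected defaults and the `NOW` timestamp are constructed assumptions; the subject-name regex accepts both the `CN=name` and `CN = name` spellings that different OpenSSL versions print.

```python
"""Added example: parse `openssl x509 -text -modulus -noout` output and run
validity / modulus-agreement / subject / SAN / key-usage checks. A field the
parser cannot find yields status 'unknown' rather than an empty comparison.
All sample data below is constructed; it is not a real certificate."""
import re
from datetime import datetime, timezone

# Constructed: layout that `openssl x509 -text -modulus -noout` prints.
SAMPLE_CERT_TEXT = """\
Certificate:
    Data:
        Version: 3 (0x2)
        Issuer: CN = vault-ca
        Validity
            Not Before: Jan  1 00:00:00 2020 GMT
            Not After : Jan  1 00:00:00 2030 GMT
        Subject: CN=consul_vault_peer
        X509v3 extensions:
            X509v3 Subject Alternative Name:
                DNS:consul_vault_peer, IP Address:127.0.0.1, DNS:*.sub.contoso.com
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
Modulus=C0FFEE1234
"""
# Constructed: `openssl rsa -in key.pem -modulus -noout` for a NON-matching key.
SAMPLE_KEY_TEXT = "Modulus=DEADBEEF5678\n"
# Constructed "current time" so the validity check is deterministic.
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)

KU_NAMES = {"Digital Signature": "digital_signature", "Key Encipherment": "key_encipherment",
            "Certificate Sign": "key_cert_sign", "CRL Sign": "crl_sign"}
EKU_NAMES = {"TLS Web Server Authentication": "server_auth",
             "TLS Web Client Authentication": "client_auth"}


def parse_modulus(text):
    """Hex modulus from a 'Modulus=...' line, or None if the line is absent."""
    m = re.search(r"^Modulus=([0-9A-Fa-f]+)\s*$", text, re.M)
    return m.group(1).upper() if m else None


def _ext_values(text, title, names):
    """Comma-separated values printed on the line after an extension title."""
    m = re.search(r"^\s*%s:.*\n\s*(.+)$" % re.escape(title), text, re.M)
    return {names.get(v.strip(), v.strip()) for v in m.group(1).split(",")} if m else None


def parse_x509_text(text):
    """Return the fields the checks need; an absent field is None, never ''."""
    info = {"modulus": parse_modulus(text), "not_after": None, "subject_cn": None}
    m = re.search(r"^\s*Not After\s*:\s*(.+?)\s+GMT\s*$", text, re.M)
    if m:
        info["not_after"] = datetime.strptime(m.group(1), "%b %d %H:%M:%S %Y").replace(tzinfo=timezone.utc)
    m = re.search(r"^\s*Subject:.*?\bCN\s*=\s*([^,/\n]+)", text, re.M)   # CN=x and CN = x
    if m:
        info["subject_cn"] = m.group(1).strip()
    sans = _ext_values(text, "X509v3 Subject Alternative Name", {})
    # SAN entries read "DNS:host" / "IP Address:1.2.3.4"; keep only the value part.
    info["sans"] = {s.split(":", 1)[1].strip() for s in sans} if sans else None
    ku = _ext_values(text, "X509v3 Key Usage", KU_NAMES)
    eku = _ext_values(text, "X509v3 Extended Key Usage", EKU_NAMES)
    info["usage"] = None if ku is None and eku is None else (ku or set()) | (eku or set())
    return info


def _compare(name, found, expected):
    """Set comparison reported in the 'missing: ...; extra: ...' style."""
    if found is None:
        return (name, "unknown", "field not found in certificate text")
    parts = []
    if expected - found:
        parts.append("missing: " + ", ".join(sorted(expected - found)))
    if found - expected:
        parts.append("extra: " + ", ".join(sorted(found - expected)))
    return (name, "warn" if parts else "ok", "; ".join(parts))


def check_cert(cert_text, key_text, now, expect_cn, expect_sans, expect_usage):
    """Each result is (check, status, detail); status is ok/warn/fail/unknown."""
    cert, key_modulus = parse_x509_text(cert_text), parse_modulus(key_text)
    results = []
    if cert["not_after"] is None:
        results.append(("Valid", "unknown", "could not parse Not After"))
    elif cert["not_after"] <= now:
        results.append(("Valid", "fail", "expired %d days ago" % (now - cert["not_after"]).days))
    else:
        results.append(("Valid", "ok", "expires in %d days" % (cert["not_after"] - now).days))
    if cert["modulus"] is None or key_modulus is None:
        results.append(("Modulus Agreement", "unknown", "modulus missing from cert or key output"))
    else:
        results.append(("Modulus Agreement", "ok" if cert["modulus"] == key_modulus else "fail", ""))
    if cert["subject_cn"] is None:
        results.append(("Subject Name", "unknown", "no CN in Subject"))
    else:
        ok = cert["subject_cn"] == expect_cn
        results.append(("Subject Name", "ok" if ok else "warn",
                        "" if ok else "expected '%s', found '%s'" % (expect_cn, cert["subject_cn"])))
    results.append(_compare("Subject Alt Names", cert["sans"], set(expect_sans)))
    results.append(_compare("Key usage", cert["usage"], set(expect_usage)))
    return results


def status_of(results, name):
    return next(s for n, s, _ in results if n == name)


if __name__ == "__main__":
    for check, status, detail in check_cert(SAMPLE_CERT_TEXT, SAMPLE_KEY_TEXT, NOW, "consul_vault_peer",
                                            {"127.0.0.1", "consul_vault_peer"},
                                            {"server_auth", "client_auth"}):
        print("[%-7s] %s %s" % (status, check, detail))
```

Run against the constructed sample, the modulus check fails (the key does not match), the SAN and key-usage checks warn about the extra entries, and deleting the `Modulus=` line turns the modulus check into `unknown` rather than a spurious failure: that distinction is what lets a preflight check tell "the certificate is wrong" apart from "the checker could not read the certificate".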

dennisjbell commented 4 years ago

Bump...