Open Suika opened 4 years ago
Suika
commented
4 years ago Nevermind, found a way to fix it.
Set NODE_TLS_REJECT_UNAUTHORIZED=0 environment of fxa-profile-server and it will work.
Not the best solution, but works for now. If you have any idea how to get it to work properly, then that would be nice.
Otherwise, if no other solution exists, just add it to the readme or something like that. Since someone else will maybe have a setup like this. Technically, the issue can be closed.
Suika
commented
4 years ago Strange, now I'm able to login, but I'm always requested to reconnect.
Suika
commented
4 years ago All the logs that happen on firefox signin. Looks like browserid-verifier is bitching about the certificate, it seems.
fxa_nginx_1: 2020-07-09T21:24:19.457186360Z 172.20.0.2 - - [09/Jul/2020:21:24:19 +0000] "POST /metrics HTTP/1.1" 200 16 "https://fxa-www.dockerhost.lan/" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:19.458384852Z {"event":"flow.force-auth.submit","flow_id":"fbf589c2bc4f6943a294ce5acef8188a1e2477c420f2fd8435b1c69e6fa2e258","flow_time":8338,"hostname":"646fe277bdb6","locale":"en_US","op":"flowEvent","pid":1,"time":"2020-07-09T21:24:19.449Z","userAgent":"Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0","v":1,"context":"fx_desktop_v3","entrypoint":"fxa_app_menu","service":"sync"}
fxa_fxa-auth-db-mysql_1: 2020-07-09T21:24:19.751956273Z {"Timestamp":1594329859751000000,"Logger":"fxa-auth-db-server","Type":"bin.server.summary","Severity":4,"Pid":19,"EnvVersion":"2.0","Fields":{"code":404,"route":"gettotpid","method":"GET","path":"/totp/64d5f8508a044da981f358a1ed1ded99","err":"Error: Not Found","t":1}}
2020-07-09T21:24:19.846694623Z No verify code match
2020-07-09T21:24:19.847263291Z {
2020-07-09T21:24:19.847284557Z html: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">\n' +
2020-07-09T21:24:19.847293934Z '<html xmlns="http://www.w3..org/1999/xhtml">\n' +
2020-07-09T21:24:19.847302524Z ' <head>\n' +
2020-07-09T21:24:19.847310173Z ' <meta http-equiv="content-type" content="text/html; charset=utf-8" />\n' +
2020-07-09T21:24:19.847318732Z ' <title>New sign-in to Firefox</title>\n' +
2020-07-09T21:24:19.847327772Z ' </head>\n' +
2020-07-09T21:24:19.847336933Z '\n' +
2020-07-09T21:24:19.847342309Z ' <body style="-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%; margin: 0; padding: 0;">\n' +
2020-07-09T21:24:19.847347903Z ' <table\n' +
2020-07-09T21:24:19.847353049Z ' align="center"\n' +
2020-07-09T21:24:19.847358289Z ' border="0"\n' +
2020-07-09T21:24:19.847363462Z ' cellpadding="0"\n' +
2020-07-09T21:24:19.847368798Z ' cellspacing="0"\n' +
2020-07-09T21:24:19.847374920Z ' width="310"\n' +
2020-07-09T21:24:19.847381094Z ' style="-webkit-text-size-adjust: 100%; border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt; width: 310px; margin: 0 auto;"\n' +
2020-07-09T21:24:19.847386857Z ' >\n' +
2020-07-09T21:24:19.847392869Z ' <tr style="page-break-before: always">\n' +
2020-07-09T21:24:19.847399476Z ' <td align="center" id="firefox-logo" style="padding: 20px 0;">\n' +
2020-07-09T21:24:19.847405148Z ' <img\n' +
2020-07-09T21:24:19.847410935Z ' src="https://image.e.mozilla.org/lib/fe9915707361037e75/m/4/11c1e411-7dfe-4e04-914c-0f098edac96c.png"\n' +
2020-07-09T21:24:19.847416692Z ' height="60"\n' +
2020-07-09T21:24:19.847422014Z ' width="60"\n' +
2020-07-09T21:24:19.847427171Z ' alt=""\n' +
2020-07-09T21:24:19.847432309Z ' style="-ms-interpolation-mode: bicubic;"\n' +
2020-07-09T21:24:19.847462687Z ' />\n' +
2020-07-09T21:24:19.847469748Z '\n' +
2020-07-09T21:24:19.847474930Z ' </td>\n' +
2020-07-09T21:24:19.847480177Z ' </tr>\n' +
2020-07-09T21:24:19.847485731Z '\n' +
2020-07-09T21:24:19.847490789Z ' <tr style="page-break-before: always">\n' +
2020-07-09T21:24:19.847496134Z ' <td valign="top">\n' +
2020-07-09T21:24:19.847501443Z ' <h1 style="font-family: sans-serif; font-size: 21px; line-height: 29px; font-weight: normal; margin: 0 0 11px 0; text-align: center;">New sign-in to Firefox</h1>\n' +
2020-07-09T21:24:19.847507227Z '\n' +
2020-07-09T21:24:19.847512327Z ' <p style="font-family:sans-serif; font-size: 13px; line-height: 20px; font-weight: normal; margin: 0 0 24px 0px; text-align: center; color: #4a4a4f;">\n' +
2020-07-09T21:24:19.847519358Z ' \n' +
2020-07-09T21:24:19.847524418Z ' Firefox on Linux<br/>\n' +
2020-07-09T21:24:19.847529584Z ' \n' +
2020-07-09T21:24:19.847534617Z ' IP address: 10.0.0.103<br/>\n' +
2020-07-09T21:24:19.847539995Z ' 9:24:19 PM (UTC) Thursday, Jul 9, 2020<br/>\n' +
2020-07-09T21:24:19.847545205Z ' </p>\n' +
2020-07-09T21:24:19.847550321Z ' </td>\n' +
2020-07-09T21:24:19.847555407Z '</tr>\n' +
2020-07-09T21:24:19.847561602Z '\n' +
2020-07-09T21:24:19.847566844Z '<tr height="50">\n' +
2020-07-09T21:24:19.847572399Z ' <td align="center" valign="top">\n' +
2020-07-09T21:24:19.847577793Z ' <table\n' +
2020-07-09T21:24:19.847582925Z ' border="0"\n' +
2020-07-09T21:24:19.847587987Z ' cellpadding="0"\n' +
2020-07-09T21:24:19.847593057Z ' cellspacing="0"\n' +
2020-07-09T21:24:19.847598192Z ' height="100%"\n' +
2020-07-09T21:24:19.847603326Z ' width="100%"\n' +
2020-07-09T21:24:19.847608402Z ' id="email-button"\n' +
2020-07-09T21:24:19.847613767Z ' style="-webkit-text-size-adjust: 100%; border-collapse: collapse; mso-table-lspace: 0pt; mso-table-rspace: 0pt; background-color: #0a84ff; border-radius: 4px; height: 50px; width: 310px !important;"\n' +
2020-07-09T21:24:19.847619490Z ' >\n' +
2020-07-09T21:24:19.847624625Z ' <tr style="page-break-before: always">\n' +
2020-07-09T21:24:19.847630234Z ' <td\n' +
2020-07-09T21:24:19.847635519Z ' align="center"\n' +
2020-07-09T21:24:19.847640761Z ' valign="middle"\n' +
2020-07-09T21:24:19.847654460Z ' id="button-content"\n' +
2020-07-09T21:24:19.847661220Z ' style="font-family: sans-serif; font-weight: normal; text-align: center; margin: 0; color: #fff; font-size: 20px; line-height: 100%;"\n' +
2020-07-09T21:24:19.847667309Z ' >\n' +
2020-07-09T21:24:19.847672825Z ' <!--[if mso]>\n' +
2020-07-09T21:24:19.847680448Z ' <v:roundrect xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="urn:schemas-microsoft-com:office:word" href="https://fxa-www.dockerhost.lan/settings?email=suika%40dockerhost.lan&uid=64d5f8508a044da981f358a1ed1ded99&utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-manage-account" style="width:280px;height:40px;v-text-anchor:middle;" arcsize="10%" stroke="f" fillcolor="#0a84ff">\n' +
2020-07-09T21:24:19.847688428Z ' <w:anchorlock/>\n' +
2020-07-09T21:24:19.847694538Z ' <center>\n' +
2020-07-09T21:24:19.847700075Z ' <![endif]-->\n' +
2020-07-09T21:24:19.847705582Z '\n' +
2020-07-09T21:24:19.847711038Z ' <a\n' +
2020-07-09T21:24:19.847716485Z ' href="https://fxa-www.dockerhost.lan/settings?email=suika%40dockerhost.lan&uid=64d5f8508a044da981f358a1ed1ded99&utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-manage-account"\n' +
2020-07-09T21:24:19.847722688Z ' id="button-link"\n' +
2020-07-09T21:24:19.847728364Z ' style="font-family: sans-serif; color: #fff; display: block; padding: 15px; text-decoration: none; width: 280px; font-size: 18px; line-height: 26px;"\n' +
2020-07-09T21:24:19.847734300Z ' >Manage account</a>\n' +
2020-07-09T21:24:19.847739993Z '\n' +
2020-07-09T21:24:19.847745324Z ' <!--[if mso]>\n' +
2020-07-09T21:24:19.847750836Z ' </center>\n' +
2020-07-09T21:24:19.847756786Z ' </v:roundrect>\n' +
2020-07-09T21:24:19.847762504Z ' <![endif]-->\n' +
2020-07-09T21:24:19.847768523Z ' </td>\n' +
2020-07-09T21:24:19.847774218Z ' </tr>\n' +
2020-07-09T21:24:19.847779765Z ' </table>\n' +
2020-07-09T21:24:19.847785255Z ' </td>\n' +
2020-07-09T21:24:19.847790656Z '</tr>\n' +
2020-07-09T21:24:19.847796086Z '\n' +
2020-07-09T21:24:19.847801464Z '<tr style="page-break-before: always">\n' +
2020-07-09T21:24:19.847807131Z ' <td border="0" cellpadding="0" cellspacing="0" height="100%" width="100%">\n' +
2020-07-09T21:24:19.847813131Z ' <p class="secondary" style="font-family: sans-serif; font-weight: normal; margin: 24px 0 12px 0; text-align: center; color: #737373; font-size: 11px; line-height: 18px; width: 310px !important; word-wrap:break-word">\n' +
2020-07-09T21:24:19.847827737Z ' This is an automated email; if you did not authorize this action, then <a href="https://fxa-www.dockerhost.lan/settings/change_password?email=suika%40dockerhost.lan&utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-change-password" style="color: #0a84ff; text-decoration: none; font-family: sans-serif;">please change your password</a>.\n' +
2020-07-09T21:24:19.847835572Z ' For more information, please visit <a href="https://support.mozilla..org/kb/im-having-problems-with-my-firefox-account?utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-support" style="color: #0a84ff; text-decoration: none; font-family: sans-serif;">Mozilla Support</a>.\n' +
2020-07-09T21:24:19.847842231Z ' </p>\n' +
2020-07-09T21:24:19.847847549Z ' </td>\n' +
2020-07-09T21:24:19.847852919Z '</tr>\n' +
2020-07-09T21:24:19.847858247Z '\n' +
2020-07-09T21:24:19.847863384Z '\n' +
2020-07-09T21:24:19.847868749Z ' <tr style="page-break-before: always">\n' +
2020-07-09T21:24:19.847874476Z ' <td valign="top">\n' +
2020-07-09T21:24:19.847879874Z ' <p style="font-family: sans-serif; font-weight: normal; margin: 0; text-align: center; color: #737373; font-size: 11px; line-height: 18px; width: 310px !important; word-wrap:break-word">\n' +
2020-07-09T21:24:19.847885854Z ' Mozilla. 331 E Evelyn Ave, Mountain View, CA 94041\n' +
2020-07-09T21:24:19.847891373Z ' <br />\n' +
2020-07-09T21:24:19.847896799Z ' <a\n' +
2020-07-09T21:24:19.847902089Z ' href="https://www.mozilla.org/privacy?utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-privacy"\n' +
2020-07-09T21:24:19.847908070Z ' style="color: #0a84ff; text-decoration: none; font-family: sans-serif; font-size: 11px; line-height: 18px;"\n' +
2020-07-09T21:24:19.847914442Z ' >Mozilla Privacy Policy</a>\n' +
2020-07-09T21:24:19.847919889Z ' <br />\n' +
2020-07-09T21:24:19.847925208Z ' <a\n' +
2020-07-09T21:24:19.847931230Z ' href="https://www.mozilla.org/about/legal/terms/services/"\n' +
2020-07-09T21:24:19.847937054Z ' style="color: #0a84ff; text-decoration: none; font-family: sans-serif; font-size: 11px; line-height: 18px;"\n' +
2020-07-09T21:24:19.847942723Z ' >Firefox Cloud Terms of Service</a>\n' +
2020-07-09T21:24:19.847948165Z ' </p>\n' +
2020-07-09T21:24:19.847953468Z ' </td>\n' +
2020-07-09T21:24:19.847958744Z ' </tr>\n' +
2020-07-09T21:24:19.847963962Z ' </table>\n' +
2020-07-09T21:24:19.847969245Z ' </body>\n' +
2020-07-09T21:24:19.847981569Z '</html>\n',
2020-07-09T21:24:19.847987757Z text: 'New sign-in to Firefox\n' +
2020-07-09T21:24:19.847993344Z '\n' +
2020-07-09T21:24:19.847998729Z '\n' +
2020-07-09T21:24:19.848004157Z 'Firefox on Linux\n' +
2020-07-09T21:24:19.848009656Z '\n' +
2020-07-09T21:24:19.848015075Z 'IP address: 10.0.0.103\n' +
2020-07-09T21:24:19.848020489Z '9:24:19 PM (UTC) Thursday, Jul 9, 2020\n' +
2020-07-09T21:24:19.848025912Z '\n' +
2020-07-09T21:24:19.848031200Z 'Manage account:\n' +
2020-07-09T21:24:19.848036711Z 'https://fxa-www.dockerhost.lan/settings?email=suika%40dockerhost.lan&uid=64d5f8508a044da981f358a1ed1ded99&utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-manage-account\n' +
2020-07-09T21:24:19.848048779Z '\n' +
2020-07-09T21:24:19.848055016Z 'This is an automated email; if you didn’t add a new device to your Firefox Account, you should change your password immediately at https://fxa-www.dockerhost.lan/settings/change_password?email=suika%40dockerhost.lan&utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-change-password\n' +
2020-07-09T21:24:19.848062761Z '\n' +
2020-07-09T21:24:19.848068296Z 'For more information, please visit https://support.mozilla.org/kb/im-having-problems-with-my-firefox-account?utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-support\n' +
2020-07-09T21:24:19.848074425Z '\n' +
2020-07-09T21:24:19.848079904Z '\n' +
2020-07-09T21:24:19.848085305Z 'Mozilla. 331 E Evelyn Ave, Mountain View, CA 94041\n' +
2020-07-09T21:24:19.848090822Z '\n' +
2020-07-09T21:24:19.848096201Z 'Mozilla Privacy Policy\n' +
2020-07-09T21:24:19.848101607Z 'https://www.mozilla.org/privacy?utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-privacy\n' +
2020-07-09T21:24:19.848107510Z '\n' +
2020-07-09T21:24:19.848112908Z 'Firefox Cloud Terms of Service\n' +
2020-07-09T21:24:19.848118317Z 'https://www.mozilla.org/about/legal/terms/services/\n',
2020-07-09T21:24:19.848123824Z headers: {
2020-07-09T21:24:19.848129171Z 'content-type': 'multipart/alternative; boundary="----sinikael-?=_1-15943298597680.012712636859771864"',
2020-07-09T21:24:19.848134987Z 'content-language': 'en-US',
2020-07-09T21:24:19.848140379Z 'x-template-name': 'newDeviceLogin',
2020-07-09T21:24:19.848146467Z 'x-template-version': '5',
2020-07-09T21:24:19.848151969Z 'x-link': 'https://fxa-www.dockerhost.lan/settings/change_password?email=suika%40dockerhost.lan&utm_medium=email&utm_campaign=fx-new-device-signin&utm_content=fx-change-password',
2020-07-09T21:24:19.848158557Z 'x-device-id': 'fcd992eb9c4a444cb2abf47cd2d0eb2f',
2020-07-09T21:24:19.848164301Z 'x-flow-id': 'fbf589c2bc4f6943a294ce5acef8188a1e2477c420f2fd8435b1c69e6fa2e258',
2020-07-09T21:24:19.848177257Z 'x-flow-begin-time': '1594329851111',
2020-07-09T21:24:19.848183352Z 'x-service-id': 'sync',
2020-07-09T21:24:19.848188636Z 'x-uid': '64d5f8508a044da981f358a1ed1ded99',
2020-07-09T21:24:19.848193943Z 'x-email-service': 'fxa-auth-server',
2020-07-09T21:24:19.848199296Z 'x-email-sender': 'ses',
2020-07-09T21:24:19.848204498Z from: '"Firefox Accounts < >" <no-reply@dockerhost.lan>',
2020-07-09T21:24:19.848210253Z sender: '"Firefox Accounts < >" <no-reply@dockerhost.lan>',
2020-07-09T21:24:19.848215768Z to: 'suika@dockerhost.lan',
2020-07-09T21:24:19.848220970Z subject: 'New sign-in to Firefox',
2020-07-09T21:24:19.848226236Z 'message-id': '<dd95b286-62fd-e8bc-02ba-186220bd90aa@dockerhost.lan>',
2020-07-09T21:24:19.848231797Z date: 'Thu, 09 Jul 2020 21:24:19 +0000',
2020-07-09T21:24:19.848237424Z 'mime-version': '1.0'
2020-07-09T21:24:19.848242690Z },
2020-07-09T21:24:19.848247806Z subject: 'New sign-in to Firefox',
2020-07-09T21:24:19.848253073Z messageId: 'dd95b286-62fd-e8bc-02ba-186220bd90aa@dockerhost.lan',
2020-07-09T21:24:19.848258399Z priority: 'normal',
2020-07-09T21:24:19.848263595Z from: [ { address: 'no-reply@dockerhost.lan', name: 'Firefox Accounts < >' } ],
2020-07-09T21:24:19.848269466Z to: [ { address: 'suika@dockerhost.lan', name: '' } ],
2020-07-09T21:24:19.848274871Z date: 2020-07-09T21:24:19.000Z
2020-07-09T21:24:19.848280114Z }
fxa_nginx_1: 2020-07-09T21:24:19.852661530Z 172.20.0.2 - - [09/Jul/2020:21:24:19 +0000] "POST /v1/account/login?keys=true HTTP/1.1" 200 209 "https://fxa-www.dockerhost.lan/" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_nginx_1: 2020-07-09T21:24:19.927356869Z 172.20.0.2 - - [09/Jul/2020:21:24:19 +0000] "POST /metrics HTTP/1.1" 200 16 "https://fxa-www.dockerhost.lan/" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:19.928292124Z {"event":"flow.signin.attempt","flow_id":"fbf589c2bc4f6943a294ce5acef8188a1e2477c420f2fd8435b1c69e6fa2e258","flow_time":8406,"hostname":"646fe277bdb6","locale":"en_US","op":"flowEvent","pid":1,"time":"2020-07-09T21:24:19.517Z","userAgent":"Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0","v":1,"context":"fx_desktop_v3","entrypoint":"fxa_app_menu","service":"sync"}
fxa_nginx_1: 2020-07-09T21:24:19.930388587Z 172.20.0.2 - - [09/Jul/2020:21:24:19 +0000] "POST /metrics HTTP/1.1" 200 16 "https://fxa-www.dockerhost.lan/" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_nginx_1: 2020-07-09T21:24:19.933942533Z 172.20.0.2 - - [09/Jul/2020:21:24:19 +0000] "POST /metrics HTTP/1.1" 200 16 "https://fxa-www.dockerhost.lan/" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:19.934658809Z {"event":"flow.signin-confirmed.view","flow_id":"fbf589c2bc4f6943a294ce5acef8188a1e2477c420f2fd8435b1c69e6fa2e258","flow_time":8822,"hostname":"646fe277bdb6","locale":"en_US","op":"flowEvent","pid":1,"time":"2020-07-09T21:24:19.933Z","userAgent":"Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0","v":1,"context":"fx_desktop_v3","entrypoint":"fxa_app_menu","service":"sync"}
fxa_nginx_1: 2020-07-09T21:24:20.098678361Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/session/destroy?service=sync HTTP/1.1" 200 37 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.098994012Z {"Timestamp":1594329860098000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./session/destroy.200","missingFlowId":true}}
fxa_nginx_1: 2020-07-09T21:24:20.149441924Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "GET /v1/account/devices HTTP/1.1" 200 563 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.165101846Z {"Timestamp":1594329860164000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./account/keys.200","missingFlowId":true}}
fxa_nginx_1: 2020-07-09T21:24:20.165003717Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "GET /v1/account/keys HTTP/1.1" 200 171 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.167263021Z {"Timestamp":1594329860167000000,"Logger":"fxa-auth-server","Type":"push.send.failure","Severity":4,"Pid":39,"EnvVersion":"2.0","Fields":{"errCode":"noCallback","err":"Error: No push callback","reason":"deviceConnected","uid":"64d5f8508a044da981f358a1ed1ded99","deviceId":"cb765af6f4ec00120580f73b5162d21d","uaOS":"Windows","uaOSVersion":"10","uaBrowser":"Firefox","uaBrowserVersion":"68.0"}}
fxa_nginx_1: 2020-07-09T21:24:20.167519109Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1506 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.177624417Z {"Timestamp":1594329860177000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_nginx_1: 2020-07-09T21:24:20.196191314Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1507 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.204898950Z {"Timestamp":1594329860204000000,"Logger":"browserid-verifier","Type":"v2.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":27}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.204945956Z {"Timestamp":1594329860204000000,"Logger":"browserid-verifier","Type":"v2.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.205519522Z {"Timestamp":1594329860205000000,"Logger":"browserid-verifier","Type":"v2.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IjhGQThDODcyNEM4MUQ0RDVBRjA1MjRDQzczQTRGOEE3MEEzMTM1MTMyOURGN0I1NjBDQjkyMTE3QTI5ODQ1MjRDNjA1REE5QTcyNjZBNENBRThCNjQwOUQxMzJGRjg0NzdDOTZEQzY5QTJBMzFEQTE3ODBFOTBCMzE5MDhGMDI0NEZCRTkzNzdDQTcwQkFENEQ1RDc2MEJDMjZFMUVGQjZBNDU3ODNGODA0QjZCMjFERDYzOTQ1MTQ0MzAyRkE4MjE2MzQ0NTdFMTZBNzk2MUYxMjQwMDkwQkY0NTBCRjJGQ0JFOURGMDA1QTdGMDFCNzA0MjI1RDgzRkI2OTU0MjQiLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwMTYwLCJleHAiOjE1OTQzNTE0NjAxNjAsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.VV24yPzf9tCQDIKuoXsdj7yizwOX5Vcga-Cx_GY0tJJL32z049HQtXNl-eF0IilLei4GQIW2K6-sd0LBYXq6lyHcJNwgYbgMrOMWgBo3z4-w4FcCmoeoUvMQ9j1yQYCZsm5jnf29cn9UY8VkwnnSESU2eYiAdFNFX7N1LMsOLp-Hw6qDNyOvbZLMXXit4tp5ehnObFAoLhILCa-DUqqpET4TtiYH0RWWgVuHCyQbJJMXKbu1-ej5ZZlgFnIU4csnIfTtfZkQXZ-OItpj7sPzvKwg3_XE6Lg1maD4HtHv4gGtEazetn5clqv2Fu57yQue7BZpRPAFwfgWq3ZdE7eXOQ~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDAsImF1ZCI6Imh0dHBzOi8vZnhhLW9hdXRoLnN1aWthLmxhbi92MSJ9.HeAEr3ivs8MuVCN3qQOKrArMwrwyHV48t7CyKz7NbEfpQbMpHaUC8w==","trustedIssuers":"[]","rp":"https://fxa-oauth.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.205575784Z {"Timestamp":1594329860205000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.205673274Z {"Timestamp":1594329860205000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.14 - - [09/Jul/2020:21:24:20 +0000] \"POST /v2 HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.205729164Z {"Timestamp":1594329860205000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"","remoteAddressChain":"[\"172.20.0.14\"]","api":2,"rp":"https://fxa-oauth.dockerhost.lan","assertion_verification_time":27,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.206429384Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/authorization HTTP/1.1" 401 176 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.206684889Z {"Timestamp":1594329860206000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./authorization.401.999","missingFlowId":true}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.207532160Z {"Timestamp":1594329860207000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_nginx_1: 2020-07-09T21:24:20.229919219Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1506 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.235574861Z {"Timestamp":1594329860235000000,"Logger":"browserid-verifier","Type":"v1.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":28}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.235607713Z {"Timestamp":1594329860235000000,"Logger":"browserid-verifier","Type":"v1.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.236168979Z {"Timestamp":1594329860235000000,"Logger":"browserid-verifier","Type":"v1.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwMTkxLCJleHAiOjE1OTQzNTE0NjAxOTEsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.Y3P-kuzsgtpVeywDJIq7x8nLwka0Lo9klce9TdzyOAU01moRYXrzWGVx77zdC_ckzpOZr0LJRuO2d-1iszoYrNl3DR4N7XU-bEa_dpefWXvGB3g-pL0nyAH_J2QCZbTCMsO3Iw-a6tGBg0-xBWga8ss5iddh1Rf7JA_aRaYRet7B49qxcnyNJWgsChecfCyPZp5uAzWu7Xut0I-JirLYnK6-ntX-iFWZFUkh_h1R6G4q8A6WZh9LloHeXJmYjK5G1dXvMSprs63RL4YNDAEpkPkBSo-0pJTmienK8SXFErcRrz4ysKvX61tvkKZc3ojdGFUNg4DbII6Vw4qjqwfZkg~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDEsImF1ZCI6Imh0dHBzOi8vZnhhLXRva2VuLnN1aWthLmxhbiJ9.O3KuC_QwoIw3UutjVod-pTLfJH_OH894e76h8EivvM03ocKDxhH24w==","trustedIssuers":"[]","rp":"https://fxa-token.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.236198728Z {"Timestamp":1594329860236000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.236298943Z {"Timestamp":1594329860236000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.16 - - [09/Jul/2020:21:24:20 +0000] \"POST / HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.236318208Z {"Timestamp":1594329860236000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"python-requests/2.20.0","remoteAddressChain":"[\"172.20.0.16\"]","api":1,"rp":"https://fxa-token.dockerhost.lan","assertion_verification_time":28,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.237751140Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "GET /token/1.0/sync/1.5 HTTP/1.1" 401 110 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.238130379Z {"Timestamp":1594329860237000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_nginx_1: 2020-07-09T21:24:20.262177806Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1499 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.265472583Z {"Timestamp":1594329860265000000,"Logger":"browserid-verifier","Type":"v2.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":28}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.265521455Z {"Timestamp":1594329860265000000,"Logger":"browserid-verifier","Type":"v2.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.266026857Z {"Timestamp":1594329860265000000,"Logger":"browserid-verifier","Type":"v2.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwMjIyLCJleHAiOjE1OTQzNTE0NjAyMjIsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.Ca-p5qhclDk9-Ucsemni6q-QcGTuGeRGSecDW3tgKVDrdLG7FxR5M7Pscqj34iSc0RruzuvCI8EKx5vA1z_Lsmwefq109tP83O0A90mAS08ZynLqoVwQkqteZjZ-zXjkg2EigBz6ocwdt_jitvHON-z_WZrcoU4-R_uVSc9THNNyepVCBrj0xfNBtk409E-MhbDp7kWCBUO6TazdwmupbkXWBABbRWtuDwwKBYZh3q1BLEOES4yt9A3N-ulhguGbV0FNaGX_1AjpvwLo7NlqxHUhm1fK0NEarpFi988hyO1JqW1HS4h--VFCYn9UroDMhCuGlgUR-CPj8jVYt5-kyg~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDEsImF1ZCI6Imh0dHBzOi8vZnhhLW9hdXRoLnN1aWthLmxhbi92MSJ9.UeYz3W6Rz1LOYZAhF2e4nu4Kco59Jgq80sCQN6-FhK3oZShwF9cvzQ==","trustedIssuers":"[]","rp":"https://fxa-oauth.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.266076884Z {"Timestamp":1594329860265000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.266210451Z {"Timestamp":1594329860266000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.14 - - [09/Jul/2020:21:24:20 +0000] \"POST /v2 HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.266307870Z {"Timestamp":1594329860266000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"","remoteAddressChain":"[\"172.20.0.14\"]","api":2,"rp":"https://fxa-oauth.dockerhost.lan","assertion_verification_time":28,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.266980885Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/authorization HTTP/1.1" 401 176 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.267435330Z {"Timestamp":1594329860267000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./authorization.401.999","missingFlowId":true}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.270965976Z {"Timestamp":1594329860270000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.298742400Z {"Timestamp":1594329860298000000,"Logger":"browserid-verifier","Type":"v1.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":28}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.298793762Z {"Timestamp":1594329860298000000,"Logger":"browserid-verifier","Type":"v1.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.299290859Z {"Timestamp":1594329860299000000,"Logger":"browserid-verifier","Type":"v1.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwMjU0LCJleHAiOjE1OTQzNTE0NjAyNTQsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.WncxRzqnpk7u1u5g_axGO5VwEF5IUI5tl7wMHIhMeYTODJNBQ7VDholqDUDk0-NCsBV2-jaRRZpi5KNSQ0C4CK30SBKgjCzd4Z3E0g5xcjyiaaGMBUA9Kv7Frdut57ogx87ug_jdTSas0To9a7xNc1_wW0YEw6BooaHqjDtNMH98xqaHED2rMmEq6syqJ2UKdlD6IPqjAk7TlKv2vACWNBom-BZHy3LiouM37U4jfuRoCBqK41Jl67DS-0Fw3Ox9BYwR0vRcVYzb22-B9s0scGkhfRM2NwJF0EiFxq72ZHnBUk2w0JbxzOQZMd4AGuEKOooWjrA3kHke9heycroDFg~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDAsImF1ZCI6Imh0dHBzOi8vZnhhLXRva2VuLnN1aWthLmxhbiJ9.RGkjFU6jGfOIEayBwqU2ViZ2QRM4kY18Fo-JjfoFZyarkYAVc7BlWg==","trustedIssuers":"[]","rp":"https://fxa-token.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.299369084Z {"Timestamp":1594329860299000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.299453403Z {"Timestamp":1594329860299000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.16 - - [09/Jul/2020:21:24:20 +0000] \"POST / HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.299514759Z {"Timestamp":1594329860299000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"python-requests/2.20.0","remoteAddressChain":"[\"172.20.0.16\"]","api":1,"rp":"https://fxa-token.dockerhost.lan","assertion_verification_time":28,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.300689361Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "GET /token/1.0/sync/1.5 HTTP/1.1" 401 110 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.333170786Z {"Timestamp":1594329860333000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.359997778Z {"Timestamp":1594329860359000000,"Logger":"browserid-verifier","Type":"v2.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":27}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.360038745Z {"Timestamp":1594329860359000000,"Logger":"browserid-verifier","Type":"v2.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.360563040Z {"Timestamp":1594329860360000000,"Logger":"browserid-verifier","Type":"v2.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwMjU0LCJleHAiOjE1OTQzNTE0NjAyNTQsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.WncxRzqnpk7u1u5g_axGO5VwEF5IUI5tl7wMHIhMeYTODJNBQ7VDholqDUDk0-NCsBV2-jaRRZpi5KNSQ0C4CK30SBKgjCzd4Z3E0g5xcjyiaaGMBUA9Kv7Frdut57ogx87ug_jdTSas0To9a7xNc1_wW0YEw6BooaHqjDtNMH98xqaHED2rMmEq6syqJ2UKdlD6IPqjAk7TlKv2vACWNBom-BZHy3LiouM37U4jfuRoCBqK41Jl67DS-0Fw3Ox9BYwR0vRcVYzb22-B9s0scGkhfRM2NwJF0EiFxq72ZHnBUk2w0JbxzOQZMd4AGuEKOooWjrA3kHke9heycroDFg~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwNDcsImF1ZCI6Imh0dHBzOi8vZnhhLW9hdXRoLnN1aWthLmxhbi92MSJ9.yPQGeqLefLm8BjOPBIrGrASACjG8x0RGfTNncGOsTQBz-0HETGEiAw==","trustedIssuers":"[]","rp":"https://fxa-oauth.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.360620986Z {"Timestamp":1594329860360000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.360806492Z {"Timestamp":1594329860360000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.14 - - [09/Jul/2020:21:24:20 +0000] \"POST /v2 HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.360852311Z {"Timestamp":1594329860360000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"","remoteAddressChain":"[\"172.20.0.14\"]","api":2,"rp":"https://fxa-oauth.dockerhost.lan","assertion_verification_time":27,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.361388274Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/authorization HTTP/1.1" 401 176 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.361735939Z {"Timestamp":1594329860361000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./authorization.401.999","missingFlowId":true}}
2020-07-09T21:24:20.372150278Z {"Timestamp":1594329860372000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./account/device.200","missingFlowId":true}}
fxa_nginx_1: 2020-07-09T21:24:20.372046980Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/account/device HTTP/1.1" 200 753 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_nginx_1: 2020-07-09T21:24:20.379920061Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1508 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.389821062Z {"Timestamp":1594329860389000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_nginx_1: 2020-07-09T21:24:20.401660256Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1500 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.417556920Z {"Timestamp":1594329860417000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 19"}}
fxa_nginx_1: 2020-07-09T21:24:20.441411884Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/authorization HTTP/1.1" 401 176 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.441414696Z {"Timestamp":1594329860438000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./authorization.401.999","missingFlowId":true}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.441445582Z {"Timestamp":1594329860434000000,"Logger":"browserid-verifier","Type":"v2.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":45}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.441504181Z {"Timestamp":1594329860434000000,"Logger":"browserid-verifier","Type":"v2.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.441528574Z {"Timestamp":1594329860435000000,"Logger":"browserid-verifier","Type":"v2.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwMzc0LCJleHAiOjE1OTQzNTE0NjAzNzQsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.MoiW6WDoHWDMpoPkDk6vPR4Dyq3LkRAn_PqdY4MI9Lw9SzZ-uOGZ6jPOUaW6LjQ6o9VY7PqtTv8vUEASPAlq2APBs9FqZMibfziEDeUrVykan0VH5nEvnMf4vLadvLJ6NvxHzAGdY2Wp2vDB6KvteWua-DlzGvFJ_BumnI3dEM4k7VJl1HpYyeyVvF8mdfc7PySyBpf8OhE70eTikusIc0rqgxCYAYFGshXPmNSxrAUqnX8HcPE9BQ5PRna5O3DXJ__CqduAeAljujXYe9ORROGHgXvDe4KCNvMZNT8ClfLrFafo86GCHBCzy8xhhg70Lo4cU9voNqphMVgaH53MfA~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDEsImF1ZCI6Imh0dHBzOi8vZnhhLW9hdXRoLnN1aWthLmxhbi92MSJ9.Nid0VnJ8qK57ZHwlqUVxpOIcP7ckv29XzmCz-4Lzq780UubtSGxSrA==","trustedIssuers":"[]","rp":"https://fxa-oauth.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.441600325Z {"Timestamp":1594329860435000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.05s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.441616219Z {"Timestamp":1594329860435000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.14 - - [09/Jul/2020:21:24:20 +0000] \"POST /v2 HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.441627385Z {"Timestamp":1594329860435000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"","remoteAddressChain":"[\"172.20.0.14\"]","api":2,"rp":"https://fxa-oauth.dockerhost.lan","assertion_verification_time":45,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.479061961Z {"Timestamp":1594329860475000000,"Logger":"browserid-verifier","Type":"v1.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":58}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.479123994Z {"Timestamp":1594329860475000000,"Logger":"browserid-verifier","Type":"v1.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.479141970Z {"Timestamp":1594329860476000000,"Logger":"browserid-verifier","Type":"v1.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwMzk0LCJleHAiOjE1OTQzNTE0NjAzOTQsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.wsDrJR4pdMZNy2jMZlJQnY3uQIPtrruqG2aMa11AKFDeDnckBcMT-cIs7p01FmnWxDfxf3PwRy0Elud8W18b4DCk2D8ywTDGl3lrPdawg3_8uHWADsSSXRjZcbH1-_XriqVDl56TzzZ1r3ZN9JbpAoMZOmgHlhoukMHrfJvDDvy4s8HH3AjUqbpg_LEDjbwhEZNLNPpnB0RJLPrlbXxJW8oywpbqgbQYG-4unztDCojQdWUWgCdTNIc43uLNv40oEBuwRySj4E-Dumo0ODcWYvssxY4F0GX9SJid2pgK4teQZlfOdeVr76zQTWmQf1J5aQEIfcqpDy8AN-2tYV6O4Q~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDAsImF1ZCI6Imh0dHBzOi8vZnhhLXRva2VuLnN1aWthLmxhbiJ9.L6_WjYVALJPPCKw2Da2bv4ddHm5F5QN29vbiaGNNwxwYCsLKdaLXdQ==","trustedIssuers":"[]","rp":"https://fxa-token.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.479204967Z {"Timestamp":1594329860476000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 19 completed work in 0.06s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.479219688Z {"Timestamp":1594329860477000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.16 - - [09/Jul/2020:21:24:20 +0000] \"POST / HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.479230527Z {"Timestamp":1594329860477000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"python-requests/2.20.0","remoteAddressChain":"[\"172.20.0.16\"]","api":1,"rp":"https://fxa-token.dockerhost.lan","assertion_verification_time":58,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.483706257Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "GET /token/1.0/sync/1.5 HTTP/1.1" 401 110 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_nginx_1: 2020-07-09T21:24:20.505855200Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1501 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.519327740Z {"Timestamp":1594329860519000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.548793145Z {"Timestamp":1594329860548000000,"Logger":"browserid-verifier","Type":"v1.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":33}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.548856030Z {"Timestamp":1594329860548000000,"Logger":"browserid-verifier","Type":"v1.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.549461727Z {"Timestamp":1594329860549000000,"Logger":"browserid-verifier","Type":"v1.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwNDk5LCJleHAiOjE1OTQzNTE0NjA0OTksImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.R9K2mTDc4BD5xFBkHt7QqyNSGXvuUpGlCw2d_McwDPwjvxYGXvHlFkJxYJPRE0GxVzRjrK9VIJ9YwSurUKYPbHv6qOax1lvQG-yMO04q6akOYnBqy2OEKoPoR6GZTBCuT92DKWOLSghC4KKMN0YEkeG9fQJAq0ATlFtwTJFe1Ii4Jw-FCn1tx-vfIu7OipNE6gphZDgpTDLOUiMbROvkEIplkeQsxOGfHEjP1OEGUQbq8iPsGNSOPc9IuoDQCkBQk3HJBOfazxXa5h8GQkrCJ5JV4QYpT3eGh8Bnneqier7-ctT7iRm54pWo-_DNFwym4plcwPejxiYKP-EDQ2_7KA~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDEsImF1ZCI6Imh0dHBzOi8vZnhhLXRva2VuLnN1aWthLmxhbiJ9.Aa4n7518QSluwfIA5H0LbVu1yYo9GxSFu74yHBJxQVoo4goIK5xq7Q==","trustedIssuers":"[]","rp":"https://fxa-token.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.549560671Z {"Timestamp":1594329860549000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.549681490Z {"Timestamp":1594329860549000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.16 - - [09/Jul/2020:21:24:20 +0000] \"POST / HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.549764395Z {"Timestamp":1594329860549000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"python-requests/2.20.0","remoteAddressChain":"[\"172.20.0.16\"]","api":1,"rp":"https://fxa-token.dockerhost.lan","assertion_verification_time":33,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.551379336Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "GET /token/1.0/sync/1.5 HTTP/1.1" 401 110 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.580158059Z {"Timestamp":1594329860579000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.611072952Z {"Timestamp":1594329860610000000,"Logger":"browserid-verifier","Type":"v2.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":31}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.611154200Z {"Timestamp":1594329860610000000,"Logger":"browserid-verifier","Type":"v2.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.611685755Z {"Timestamp":1594329860611000000,"Logger":"browserid-verifier","Type":"v2.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwNDk5LCJleHAiOjE1OTQzNTE0NjA0OTksImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.R9K2mTDc4BD5xFBkHt7QqyNSGXvuUpGlCw2d_McwDPwjvxYGXvHlFkJxYJPRE0GxVzRjrK9VIJ9YwSurUKYPbHv6qOax1lvQG-yMO04q6akOYnBqy2OEKoPoR6GZTBCuT92DKWOLSghC4KKMN0YEkeG9fQJAq0ATlFtwTJFe1Ii4Jw-FCn1tx-vfIu7OipNE6gphZDgpTDLOUiMbROvkEIplkeQsxOGfHEjP1OEGUQbq8iPsGNSOPc9IuoDQCkBQk3HJBOfazxXa5h8GQkrCJ5JV4QYpT3eGh8Bnneqier7-ctT7iRm54pWo-_DNFwym4plcwPejxiYKP-EDQ2_7KA~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwNTQsImF1ZCI6Imh0dHBzOi8vZnhhLW9hdXRoLnN1aWthLmxhbi92MSJ9.EOqbawFMbwQJNcwLCXA0f61_L0qkTpEnB9D3hNk8JYag9bcWf3uCmw==","trustedIssuers":"[]","rp":"https://fxa-oauth.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.611741066Z {"Timestamp":1594329860611000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.611905920Z {"Timestamp":1594329860611000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.14 - - [09/Jul/2020:21:24:20 +0000] \"POST /v2 HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.611933636Z {"Timestamp":1594329860611000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"","remoteAddressChain":"[\"172.20.0.14\"]","api":2,"rp":"https://fxa-oauth.dockerhost.lan","assertion_verification_time":31,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.613137350Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/authorization HTTP/1.1" 401 176 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.613386537Z {"Timestamp":1594329860613000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./authorization.401.999","missingFlowId":true}}
fxa_nginx_1: 2020-07-09T21:24:20.630749219Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/certificate/sign?service=sync HTTP/1.1" 200 1502 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.640593424Z {"Timestamp":1594329860640000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"passing compute job to process 12"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.669445935Z {"Timestamp":1594329860669000000,"Logger":"browserid-verifier","Type":"v2.assertion_verification_time","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"reqTime":30}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.669496074Z {"Timestamp":1594329860669000000,"Logger":"browserid-verifier","Type":"v2.assertion_failure","Severity":6,"Pid":1,"EnvVersion":"2.0"}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.670142687Z {"Timestamp":1594329860669000000,"Logger":"browserid-verifier","Type":"v2.verify","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"result":"failure","reason":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","assertion":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjIwMjAtMDctMDktNDVjM2E0NGFhMWExZGMxMmZhZTU0ZjBlZjI2ZThiYzYifQ.eyJwdWJsaWMta2V5Ijp7ImFsZ29yaXRobSI6IkRTIiwieSI6IkRFMDAwNDQ5RUE4MzVFOTM4NzJEQUFGQjk0OEM1MjVERkYyRjNFRjlERTMwOTlGQzBDNzA2Q0M5MjgxRjgwQzEyQ0YzQjI2QUJFNzU2RDQ0MUVGMjg4NjdDRTBCNTY4ODIyQkE3RTczODM4NjZBREM3NUYzNzFFQkU1MDJBREMyQkFCRDRFMzc4MTMzN0QyQzIwQTc5Nzg5MTY4Mjk0RkZBMzYwRDNCOTJDQUExRDc2RkU5QUQ2MEE2OTlGOEFCRTU2MUFBMzgwQzE2RkNBRDkyM0UwRTc1MUMzMzJERjA1QjZEQzdDRjc2MTIwNjMwRTRBRDgyNjc4MzI1ODY4QzciLCJwIjoiRkY2MDA0ODNEQjZBQkZDNUI0NUVBQjc4NTk0QjM1MzNENTUwRDlGMUJGMkE5OTJBN0E4REFBNkRDMzRGODA0NUFENEU2RTBDNDI5RDMzNEVFRUFBRUZEN0UyM0Q0ODEwQkUwMEU0Q0MxNDkyQ0JBMzI1QkE4MUZGMkQ1QTVCMzA1QThEMTdFQjNCRjRBMDZBMzQ5RDM5MkUwMEQzMjk3NDRBNTE3OTM4MDM0NEU4MkExOEM0NzkzMzQzOEY4OTFFMjJBRUVGODEyRDY5QzhGNzVFMzI2Q0I3MEVBMDAwQzNGNzc2REZEQkQ2MDQ2MzhDMkVGNzE3RkMyNkQwMkUxNyIsInEiOiJFMjFFMDRGOTExRDFFRDc5OTEwMDhFQ0FBQjNCRjc3NTk4NDMwOUMzIiwiZyI6IkM1MkE0QTBGRjNCN0U2MUZERjE4NjdDRTg0MTM4MzY5QTYxNTRGNEFGQTkyOTY2RTNDODI3RTI1Q0ZBNkNGNTA4QjkwRTVERTQxOUUxMzM3RTA3QTJFOUUyQTNDRDVERUE3MDREMTc1RjhFQkY2QUYzOTdENjlFMTEwQjk2QUZCMTdDN0EwMzI1OTMyOUU0ODI5QjBEMDNCQkM3ODk2QjE1QjRBREU1M0UxMzA4NThDQzM0RDk2MjY5QUE4OTA0MUY0MDkxMzZDNzI0MkEzODg5NUM5RDVCQ0NBRDRGMzg5QUYxRDdBNEJEMTM5OEJEMDcyREZGQTg5NjIzMzM5N0EifSwicHJpbmNpcGFsIjp7ImVtYWlsIjoiNjRkNWY4NTA4YTA0NGRhOTgxZjM1OGExZWQxZGVkOTlAZnhhLWFwaS5zdWlrYS5sYW4ifSwiaWF0IjoxNTk0MzI5ODUwNjI1LCJleHAiOjE1OTQzNTE0NjA2MjUsImZ4YS1nZW5lcmF0aW9uIjoxNTk0MzEyNTE1OTY4LCJmeGEtbGFzdEF1dGhBdCI6MTU5NDMyOTg1OSwiZnhhLXZlcmlmaWVkRW1haWwiOiJzaW1vbkBkZXZudWxsLnpvbmUiLCJmeGEtZGV2aWNlSWQiOiI1ZWQyNTc1YzkzYTQ4ZGExMzc0MTE4NmU1OGRmZGMyZSIsImZ4YS10b2tlblZlcmlmaWVkIjp0cnVlLCJmeGEtYW1yIjpbInB3ZCIsImVtYWlsIl0sImZ4YS1hYWwiOjEsImZ4YS1wcm9maWxlQ2hhbmdlZEF0IjoxNTk0MzEyNTMyNjY1LCJmeGEta2V5c0NoYW5nZWRBdCI6MTU5NDMxMjUxNTk2OCwiaXNzIjoiZnhhLWFwaS5zdWlrYS5sYW4ifQ.0WoOThkmPtrOSPjOyfu9yapMf-uJ6mCDzRFvL5YZ2d8MDtyFgZBwg9Jby2mg5TuOFgLR2eVUHbs-8KDETFO41JrhGA4TFdoCPhsKu8-jfgnOeGxUdLW1__B5QUsxwROThe4juBmk_dxMsH3a_B_Qi3p0CAYOgsGwRvwzRwKC-QH0ts1ff74KR8y58Y4Vj6poseWIMFPoLZK6Uef_YiIWgvbUeEQjpN9pX1PpMYXSKSmUdHYqXwqbJNLkAhnVn4miUBvsgkKR_1ecHE-u6FEp5rXOlOn16QExicanAnnQ8RegggO6VAgZEvmkUEExOfEmWBnBvdkbxChv4zMNfyVCSw~eyJhbGciOiJEUzEyOCJ9.eyJleHAiOjIzODI3Mjk4NjAwMDAsImF1ZCI6Imh0dHBzOi8vZnhhLW9hdXRoLnN1aWthLmxhbi92MSJ9.pWyARExy73ABoSAwxkDFoKJO6aKhl7bApK_AowiwS-YMUnZIUAv_XQ==","trustedIssuers":"[]","rp":"https://fxa-oauth.dockerhost.lan"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.670175106Z {"Timestamp":1594329860670000000,"Logger":"browserid-verifier","Type":"ccverifier.computeCluster.debug","Severity":7,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"process 12 completed work in 0.03s"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.670370793Z {"Timestamp":1594329860670000000,"Logger":"browserid-verifier","Type":"server.message","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"message":"172.20.0.14 - - [09/Jul/2020:21:24:20 +0000] \"POST /v2 HTTP/1.1\" 200 123"}}
fxa_browseridverifier.local_1: 2020-07-09T21:24:20.670428408Z {"Timestamp":1594329860670000000,"Logger":"browserid-verifier","Type":"summary.info","Severity":6,"Pid":1,"EnvVersion":"2.0","Fields":{"agent":"","remoteAddressChain":"[\"172.20.0.14\"]","api":2,"rp":"https://fxa-oauth.dockerhost.lan","assertion_verification_time":30,"err":"fxa-api.dockerhost.lan is not a browserid primary: Error: unable to verify the first certificate","code":200}}
fxa_nginx_1: 2020-07-09T21:24:20.671017763Z 172.20.0.2 - - [09/Jul/2020:21:24:20 +0000] "POST /v1/authorization HTTP/1.1" 401 176 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:77.0) Gecko/20100101 Firefox/77.0" "10.0.0.103"
2020-07-09T21:24:20.671234486Z {"Timestamp":1594329860671000000,"Logger":"fxa-auth-server","Type":"metricsEvents.emitFlowEvent","Severity":2,"Pid":39,"EnvVersion":"2.0","Fields":{"event":"route./authorization.401.999","missingFlowId":true}}
jackyzy823
commented
4 years ago Have you tried to add NODE_TLS_REJECT_UNAUTHORIZED=0 in browseridverifier.local ?
or set INSECURE_SSL=true in browseridverifier.local ?
Reference: https://github.com/mozilla/browserid-local-verify/blob/7d7d2cdb5aa7f6494e144e9a4151a84aecf905fa/lib/lookup.js#L129-L163 espically
rejectUnauthorized: !args.insecureSSL,Yeah, INSECURE_SSL=true is the key to make it work.
Now Kinto is the one complaining.
python requests has it's own ca-cert bundle and does not use the system ca-cert bundle
REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crtis needed for kinto to work with self-signed certs, if you added it to the CA store.
Suika
commented
4 years ago Ok, found the solution.
Nodejs is using NODE_EXTRA_CA_CERTS and Python-Requests is using REQUESTS_CA_BUNDLE. Because why use system provided CAs, when you can use your own. ffs
browseridverifier.local needs either INSECURE_SSL=true or NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
fxa-auth-server needs either NODE_TLS_REJECT_UNAUTHORIZED=0 or NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
fxa-profile-server needs either NODE_TLS_REJECT_UNAUTHORIZED=0 or NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
kinto needs REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt or CURL_CA_BUNDLE=""
https://stackoverflow.com/questions/48391750/disable-python-requests-ssl-validation-for-an-imported-module
After this, things should work as intended with self-signed certs.
jackyzy823
commented
4 years ago Hello @Suika
I've made a branch full-selfsign to make FxA works under fully self signed env which mostly LAN network.
Details are under examples/full_selfsign
It would be appreciated that you can test this branch.
Suika
commented
4 years ago Since it's a bit of a pain for me to setup another environment ATM, I'll try it at a later date.
But from looking at the changes in the full-selfsign branch, the cert generation and validity are ok.
The rest of REQUESTS_CA_BUNDLE and REQUESTS_CA_BUNDLE make sense, since it works on my side. With the exception that I use the whole CA bundle and not exclusively the generated CA.
I'll check the whole setup at a later date.
But while I'm at it, is it really needed that the services have to talk via nginx? I know that it's easier to configure it like that and it also makes sense to use uniform addresses everywhere. But technically all the services, if they need to talk to each other, they can talk via http inside the docker/k8s network. Never leaving the inner network. Having only the browser talk to the services via the proxy. Since the main problem of all services is talking to each other, internally.
jackyzy823
commented
4 years ago But while I'm at it, is it really needed that the services have to talk via nginx? I know that it's easier to configure it like that and it also makes sense to use uniform addresses everywhere. But technically all the services, if they need to talk to each other, they can talk via http inside the docker/k8s network. Never leaving the inner network. Having only the browser talk to the services via the proxy. Since the main problem of all services is talking to each other, internally.
You're right . However it's too time-consuming on distinguish which url in ENV is for internal visit or public visit.
I'll try to dig into these deeper in future.
DavidGhiro
commented
3 years ago I have tested half of branch. And it works. I use NODE_EXTRA_CA_CERTS and REQUESTS_CA_BUNDLE part in combination with a patched ca-certificates.crt (own root ca added) in all container via volumes.
volumes:
- ./combinedCert.pem:/etc/ssl/certs/ca-certificates.crt:ro
- ./combinedCert.pem:/etc/ssl/cert.pem:ro
environment:
- NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
- REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
Hi, nice seeing that someone tackled the... mess that is fxa. I think most of the services are running properly except the fxa_fxa-profile-server that has a problem with self-signed certificates.
I'm cheating the whole thing a bit, because I want to serve everything on 80/443 with self-signed certificates and have it go through traefik. If you look at the Compose file at the bottom it's basically: Me > Browser > traefik (443) > nginx(80) > other services
I mounted the
/etc/ssl:/etc/ssl:roin hopes that the system would pick up on the host Root CAs, but it doesn't seem to do that for Node applications in this case.Any idea?
Response from profileserver
https://fxa-profile.dockerhost.lan/v1/profile:From: nginx
From: fxa_fxa-auth-server_1
From: fxa_fxa-auth-db-mysql_1
From: fxa_fxa-profile-server
copmose: