GRPC certificate generation is failing for long urls

ruromero commented 2 years ago

When long GRPC routes are used, the certificate generation fails with the following error:

--------------------------- Ansible Task StdOut -------------------------------

TASK [microcks : The Microks GRPC certs are generated] *************************
task path: /opt/ansible/roles/microcks/tasks/main.yml:334

-------------------------------------------------------------------------------
{"level":"info","ts":1626808452.0495095,"logger":"logging_event_handler","msg":"[playbook task]","name":"some-microcks","namespace":"xxxxx-yyyyyyy-common","gvk":"microcks.github.io/v1alpha1, Kind=MicrocksInstall","event_type":"playbook_on_task_start","job":"6129484611666145821","EventData.Name":"microcks : The Microks GRPC certs are generated"}
{"level":"error","ts":1626808452.779658,"logger":"logging_event_handler","msg":"","name":"some-microcks","namespace":"xxxxx-yyyyyyy-common","gvk":"microcks.github.io/v1alpha1, Kind=MicrocksInstall","event_type":"runner_on_failed","job":"6129484611666145821","EventData.Task":"The Microks GRPC certs are generated","EventData.TaskArgs":"","EventData.FailedTaskPath":"/opt/ansible/roles/microcks/tasks/main.yml:334","error":"[playbook task failed]","stacktrace":"github.com/go-logr/zapr.(*zapLogger).Error\n\tpkg/mod/github.com/go-logr/zapr@v0.1.1/zapr.go:128\ngithub.com/operator-framework/operator-sdk/pkg/ansible/events.loggingEventHandler.Handle\n\tsrc/github.com/operator-framework/operator-sdk/pkg/ansible/events/log_events.go:87"}

--------------------------- Ansible Task StdOut -------------------------------

 TASK [The Microks GRPC certs are generated] ******************************** 
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["openssl", "req", "-x509", "-nodes", "-days", "3650", "-newkey", "rsa:2048", "-keyout", "microcks-grpc.key", "-out", "microcks-grpc.crt", "-subj", "/CN=some-microcks-xxxxx-yyyyyyy-common.apps.mw-ocp4.cloud.lab.eng.bos.redhat.com", "-extensions", "san", "-config", "microcks-grpc.cnf"], "delta": "0:00:00.068440", "end": "2021-07-20 19:14:12.739156", "msg": "non-zero return code", "rc": 1, "start": "2021-07-20 19:14:12.670716", "stderr": "Generating a RSA private key\n.............+++++\n.........................+++++\nwriting new private key to 'microcks-grpc.key'\n-----\nproblems making Certificate Request\n140581912262464:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:crypto/asn1/a_mbstr.c:107:maxsize=64", "stderr_lines": ["Generating a RSA private key", ".............+++++", ".........................+++++", "writing new private key to 'microcks-grpc.key'", "-----", "problems making Certificate Request", "140581912262464:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:crypto/asn1/a_mbstr.c:107:maxsize=64"], "stdout": "", "stdout_lines": []}

lbroudoux commented 2 years ago

Great! Thanks for the analysis. Made a first rapid test and it seems to work just adding a | truncate(64). I did not have such long CN when testing sorry 😉

lbroudoux commented 2 years ago

Resolution will be managed through #42

ruromero commented 2 years ago

Thanks for the quick fix @lbroudoux

microcks / microcks-ansible-operator

GRPC certificate generation is failing for long urls #39