Re: Error 500 when testing new v229 CF deployment

Dieu Cao <dcao@...>

Sorry, I skimmed over that particular snippet.
Based on that description, perhaps then double checking your entry for
router.ssl_cert and router.ssl_key and comparing against your existing
deployment's manifest might help?


On Wed, Jan 27, 2016 at 4:41 PM, James Leavers <james(a)> wrote:


The cert in router.ssl_cert is a real, CA-signed cert that has been
successfully used in a previous CF install - the only thing that was
generated locally with openssl was the jwt signing keys, and consul
certs/keys using the provided script.

I have tried changing ssl.skip_cert_verify to false, but sadly no change.

Looking at the bug you mention, their logs have a clearer indication that
the invalid cert was to blame:

{"timestamp":1453748741.968373,"message":"Request failed: 500:
{\"code\"=>10001, \"description\"=>\"Invalid SSL Cert for Use
'--skip-ssl-validation' to continue with an insecure target\

Whereas the error I'm getting is different, although I agree it must be
SSL-related in some way:

{"timestamp":1453833820.1408544,"message":"Request failed: 500:
{\"code\"=>10001, \"description\"=>\"Neither PUB key nor PRIV key: header
too long\", \"error_code\"=>\"CF-RSAError\",

I have since tried changing pretty much every SSL-related property to
false / http in the manifest but nothing has made a difference so far.


Join { to automatically receive all group messages.