When running Keystone w/ PKI enabled I'm seeing the following errors using MySQL:
/usr/lib64/python2.7/site-packages/sqlalchemy/engine/default.py:331: Warning: Data truncated for column 'id' at row 1
cursor.execute(statement, parameters)
On PostgreSQL you'll see this exception:
2012-07-30 20:33:41 ERROR [root] (DataError) value too long for type character varying(2048)
----
I added some diagnostics to the cms module and it looks like its trying to store the following text in the 'id' column (quite a bit bigger than the column size which is VARCHAR 2048):
-----BEGIN CMS-----
MIILkwYJKoZIhvcNAQcCoIILhDCCC4ACAQExCTAHBgUrDgMCGjCCCekGCSqGSIb3
DQEHAaCCCdoEggnWeyJhY2Nlc3MiOiB7InRva2VuIjogeyJleHBpcmVzIjogIjIw
MTItMDgtMDFUMDM6MTM6NTdaIiwgImlkIjogInBsYWNlaG9sZGVyIiwgInRlbmFu
dCI6IHsiZW5hYmxlZCI6IHRydWUsICJkZXNjcmlwdGlvbiI6IG51bGwsICJuYW1l
IjogImFkbWluIiwgImlkIjogIjVlNGQ1ZDRmYmRkNzRkNDNhNTZjMTU1MWRlZjQ2
OTY0In19LCAic2VydmljZUNhdGFsb2ciOiBbeyJlbmRwb2ludHMiOiBbeyJhZG1p
blVSTCI6ICJodHRwOi8vbG9jYWxob3N0Ojg3NzQvdjEuMS81ZTRkNWQ0ZmJkZDc0
ZDQzYTU2YzE1NTFkZWY0Njk2NCIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgInB1
YmxpY1VSTCI6ICJodHRwOi8vbG9jYWxob3N0Ojg3NzQvdjEuMS81ZTRkNWQ0ZmJk
ZDc0ZDQzYTU2YzE1NTFkZWY0Njk2NCIsICJpbnRlcm5hbFVSTCI6ICJodHRwOi8v
bG9jYWxob3N0Ojg3NzQvdjEuMS81ZTRkNWQ0ZmJkZDc0ZDQzYTU2YzE1NTFkZWY0
Njk2NCJ9XSwgImVuZHBvaW50c19saW5rcyI6IFtdLCAidHlwZSI6ICJjb21wdXRl
IiwgIm5hbWUiOiAiJ0NvbXB1dGUgU2VydmljZScifSwgeyJlbmRwb2ludHMiOiBb
eyJhZG1pblVSTCI6ICJodHRwOi8vbG9jYWxob3N0OjMzMzMiLCAicmVnaW9uIjog
IlJlZ2lvbk9uZSIsICJwdWJsaWNVUkwiOiAiaHR0cDovL2xvY2FsaG9zdDozMzMz
IiwgImludGVybmFsVVJMIjogImh0dHA6Ly9sb2NhbGhvc3Q6MzMzMyJ9XSwgImVu
ZHBvaW50c19saW5rcyI6IFtdLCAidHlwZSI6ICJzMyIsICJuYW1lIjogIidTMyBT
ZXJ2aWNlJyJ9LCB7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6Ly9s
b2NhbGhvc3Q6OTI5Mi92MSIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgInB1Ymxp
Y1VSTCI6ICJodHRwOi8vbG9jYWxob3N0OjkyOTIvdjEiLCAiaW50ZXJuYWxVUkwi
OiAiaHR0cDovL2xvY2FsaG9zdDo5MjkyL3YxIn1dLCAiZW5kcG9pbnRzX2xpbmtz
IjogW10sICJ0eXBlIjogImltYWdlIiwgIm5hbWUiOiAiJ0ltYWdlIFNlcnZpY2Un
In0sIHsiZW5kcG9pbnRzIjogW3siYWRtaW5VUkwiOiAiaHR0cDovL2xvY2FsaG9z
dDo4Nzc2L3YxLzVlNGQ1ZDRmYmRkNzRkNDNhNTZjMTU1MWRlZjQ2OTY0IiwgInJl
Z2lvbiI6ICJSZWdpb25PbmUiLCAicHVibGljVVJMIjogImh0dHA6Ly9sb2NhbGhv
c3Q6ODc3Ni92MS81ZTRkNWQ0ZmJkZDc0ZDQzYTU2YzE1NTFkZWY0Njk2NCIsICJp
bnRlcm5hbFVSTCI6ICJodHRwOi8vbG9jYWxob3N0Ojg3NzYvdjEvNWU0ZDVkNGZi
ZGQ3NGQ0M2E1NmMxNTUxZGVmNDY5NjQifV0sICJlbmRwb2ludHNfbGlua3MiOiBb
XSwgInR5cGUiOiAidm9sdW1lIiwgIm5hbWUiOiAiJ1ZvbHVtZSBTZXJ2aWNlJyJ9
LCB7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6Ly9sb2NhbGhvc3Q6
ODc3My9zZXJ2aWNlcy9BZG1pbiIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwgInB1
YmxpY1VSTCI6ICJodHRwOi8vbG9jYWxob3N0Ojg3NzMvc2VydmljZXMvQ2xvdWQi
LCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovL2xvY2FsaG9zdDo4NzczL3NlcnZpY2Vz
L0Nsb3VkIn1dLCAiZW5kcG9pbnRzX2xpbmtzIjogW10sICJ0eXBlIjogImVjMiIs
ICJuYW1lIjogIidFQzIgU2VydmljZScifSwgeyJlbmRwb2ludHMiOiBbeyJhZG1p
blVSTCI6ICJodHRwOi8vbG9jYWxob3N0OjgwODAvIiwgInJlZ2lvbiI6ICJSZWdp
b25PbmUiLCAicHVibGljVVJMIjogImh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC92MS9B
VVRIXzVlNGQ1ZDRmYmRkNzRkNDNhNTZjMTU1MWRlZjQ2OTY0IiwgImludGVybmFs
VVJMIjogImh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC92MS9BVVRIXzVlNGQ1ZDRmYmRk
NzRkNDNhNTZjMTU1MWRlZjQ2OTY0In1dLCAiZW5kcG9pbnRzX2xpbmtzIjogW10s
ICJ0eXBlIjogIm9iamVjdC1zdG9yZSIsICJuYW1lIjogIidPYmplY3QgU3RvcmFn
ZSBTZXJ2aWNlJyJ9LCB7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6
Ly9sb2NhbGhvc3Q6MzUzNTcvdjIuMCIsICJyZWdpb24iOiAiUmVnaW9uT25lIiwg
InB1YmxpY1VSTCI6ICJodHRwOi8vbG9jYWxob3N0OjUwMDAvdjIuMCIsICJpbnRl
cm5hbFVSTCI6ICJodHRwOi8vbG9jYWxob3N0OjM1MzU3L3YyLjAifV0sICJlbmRw
b2ludHNfbGlua3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICIn
SWRlbnRpdHkgU2VydmljZScifV0sICJ1c2VyIjogeyJ1c2VybmFtZSI6ICJhZG1p
biIsICJyb2xlc19saW5rcyI6IFtdLCAiaWQiOiAiNTIwMWQ0MWRiOTVjNGZhZGJk
NzdiMGQ5NjcyNWIyYzAiLCAicm9sZXMiOiBbeyJuYW1lIjogIktleXN0b25lU2Vy
dmljZUFkbWluIn0sIHsibmFtZSI6ICJhZG1pbiJ9LCB7Im5hbWUiOiAiS2V5c3Rv
bmVBZG1pbiJ9XSwgIm5hbWUiOiAiYWRtaW4ifSwgIm1ldGFkYXRhIjogeyJpc19h
ZG1pbiI6IDAsICJyb2xlcyI6IFsiMGNhMGIxMDlkYTIzNDBjMGJjMjlkYjBjYTA5
NDk1ZDYiLCAiYTg3Y2JiZTFhMjQxNDM4ZGExMzE2N2NlNThmMzM3NzQiLCAiNTM1
YTBiZTRjYjQ3NGU3MWExZDI0NDZlNzQ5OTc2OGEiXX19fTGCAYEwggF9AgEBMFww
VzELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVVuc2V0MQ4wDAYDVQQHEwVVbnNldDEO
MAwGA1UEChMFVW5zZXQxGDAWBgNVBAMTD3d3dy5leGFtcGxlLmNvbQIBATAHBgUr
DgMCGjANBgkqhkiG9w0BAQEFAASCAQCYODSKvjKTCHIDGdwvMMUKQ6C7y6V6t5Wp
+7JENx4bp4nI5QL3elSDiLMNRD8jcQoe0IaAWvxO0QaVoTZMsfvbfNU60lKKXvmQ
kwoFKD3+F4NS7ZJMyWFyT1PEmYxwD/ntjmGgR3VcwNCjQTu7Ihl4FZ2KN+ZmupDP
wUDHg5B8NPZLWb1itCcvGO5EiOan3OdKdZw5mEiTLmc/8OjEXG+RsOlYsWTwCj1l
4D3Z8aMvf740lkS7rHl/NiWNjMBA13mvTwzYbMmWJn9RV7tXKWoZGwW5ug9BilLJ
7AM9tsn3svR2jybWPFvl4HS71cdLUKNzafcMOxnBPszSptB3wPMu
-----END CMS-----
---
Setting key_size = 1024 in the keystone.conf file resolves the issue for now. The default size is 2048 so we should probably change that.
Alternately we could increase the size/type of the id column. Long term it would be nice not to store these in the database... (if possible)
Fix proposed to branch: master /review. openstack. org/10584
Review: https:/