2018-09-03 19:13:06 |
Keenen Wheeler |
description |
When attempting to enable livepatch on a fresh install of ubuntu server 18.04, I get the following error.
error executing enable: Couldn't send req: Post https://livepatch.canonical.com/api/machine-tokens: x509: certificate signed by unknown authority. Server communication failed.
Debug Info:
SSL Cert:
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=livepatch.canonical.com
* start date: Sep 1 05:36:06 2018 GMT
* expire date: Nov 30 05:36:06 2018 GMT
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
} [5 bytes data]
> GET /api/machine-tokens HTTP/1.1
> Host: livepatch.canonical.com
> User-Agent: curl/7.58.0
> Accept: */*
>
Name Version Rev Tracking Publisher Notes
canonical-livepatch 8.0.3 42 stable canonical✓ - |
When attempting to enable livepatch on a fresh install of ubuntu server 18.04, I get the following error.
error executing enable: Couldn't send req: Post https://livepatch.canonical.com/api/machine-tokens: x509: certificate signed by unknown authority. Server communication failed.
I've tested this on multiple servers at different locations. This issue may be affecting all users. This will also prevent livepatch from functioning on existing installs.
I suspect that the 'Let's Encrypt Authority X3' CA is not installed on the snap core.
Debug Info:
SSL Cert:
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: CN=livepatch.canonical.com
* start date: Sep 1 05:36:06 2018 GMT
* expire date: Nov 30 05:36:06 2018 GMT
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
} [5 bytes data]
> GET /api/machine-tokens HTTP/1.1
> Host: livepatch.canonical.com
> User-Agent: curl/7.58.0
> Accept: */*
>
Name Version Rev Tracking Publisher Notes
canonical-livepatch 8.0.3 42 stable canonical✓ - |
|