Uploaded image for project: 'Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces) '
  1. Red Hat OpenShift Dev Spaces (formerly CodeReady Workspaces)
  2. CRW-1154

Openshift Oauth doesn't work on Z

XMLWordPrintable

      When we deploy crw2.2 on PSI cluser with Openshift Oath set to true, an authentication issue occurs saying can't send authentication request to identity provider. Below I attach the detailed information on this issue. 

      Checking the logs in keycloak pods: 

      [0m[31m15:38:50,081 ERROR [org.keycloak.services.resources.IdentityBrokerService] (default task-1) couldNotSendAuthenticationRequestMessage: org.keycloak.broker.provider.IdentityBrokerException: Could not initialize oAuth metadata at ........

      Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at ........

      Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at .......

      Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at ........

       

       

      FYI, if i set the Openshift Oauth to false, can release the crw web console successfully.

       

        1. authentication issue when open the crw web console.png
          authentication issue when open the crw web console.png
          318 kB
        2. logs1.png
          logs1.png
          1.08 MB
        3. logs2.png
          logs2.png
          1.06 MB
        4. logs3.png
          logs3.png
          1.06 MB

            kcrane@redhat.com Kirk Crane
            ruoxuan95 Doris Xu (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: