Unable to Load Emulation Project Page - SSL issue?

Deployment: Eaasi Service
EaaSI Version: eaasi-release-2020.03
Browser: chromium


We have not used this instance in some months. Our lead for the project’s contract ended so it languished for a bit but now I am in the process of trying to update the SSL on our server hosted at eaasi-prod.library.cmu.edu.
After I had updated the certificate and key and ran ./scripts/deploy.sh again and then redeployed the docker containers on the site I was able to log in and have no issues with getting through the front-end.

However, I do not see any resources or bookmarks when I navigate from my dashboard.
I looked at the dump of the database and I’m not sure if I should be seeing anything in there but I do not when I search in a few tables. I see the eaasi_user was created in Oct 2020 so I assume that data has not been lost since that exists…

When I try to go to the emulation project page I get this error (cut for length, but can provide full txt file):

##### Front-End Stack Trace #####
message::TypeError: Cannot read properties of undefined (reading 'systems')
info::created hook (Promise/async)
stack::TypeError: Cannot read properties of undefined (reading 'systems')
    at t.<anonymous> (https://eaasi-prod.library.cmu.edu/js/app.e41a1638.js:1:157991)
    at u (https://eaasi-prod.library.cmu.edu/js/chunk-vendors.36dbd39e.js:38:2088)
    at Object.next (https://eaasi-prod.library.cmu.edu/js/chunk-vendors.36dbd39e.js:38:1383)
    at a (https://eaasi-prod.library.cmu.edu/js/chunk-vendors.36dbd39e.js:38:936)

###### Web-Api Event List #######
message::::ffff: - - [30/Sep/2021:19:19:05 +0000] "GET /eaasi_app/auth/user HTTP/1.0" 304 - "https://eaasi-prod.library.cmu.edu/resources/explore" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36"

message::::ffff: - - [30/Sep/2021:19:19:06 +0000] "GET /resource_metadata/eaasi-task/ HTTP/1.0" 304 - "https://eaasi-prod.library.cmu.edu/resources/explore" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36"

message::FetchError: request to https://eaasi-prod.library.cmu.edu:443/emil/EmilEnvironmentData/ failed, reason: unable to verify the first certificate
    at ClientRequest.<anonymous> (/app/node_modules/node-fetch/lib/index.js:1455:11)
    at ClientRequest.emit (events.js:198:13)
    at TLSSocket.socketErrorListener (_http_client.js:392:9)
    at TLSSocket.emit (events.js:198:13)
    at emitErrorNT (internal/streams/destroy.js:91:8)
    at emitErrorAndCloseNT (internal/streams/destroy.js:59:3)
    at process._tickCallback (internal/process/next_tick.js:63:19)
message::::ffff: - - [30/Sep/2021:19:19:11 +0000] "GET /resource_metadata/bookmark?userID=1 HTTP/1.0" 304 - "https://eaasi-prod.library.cmu.edu/dashboard" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36"
###### App Version #######
EaaSi Version: 1.8.17
########## < END > ##############

So this appears to be some sort of ssl error.

I had some trouble last time I did this which I was able to resolve here:

I did this by going in to the nginx container and updating the approved list of certificates to include those that are self-signed by CMU as there appeared to be an issue with the server accepting our certificates.

However, when I tried to do this again I could not find a container that has java running or a place to update the cacerts file in any of the containers (web-api, nginx, database, front-end).

Any ideas or suggestions would be appreciated.
Included is the latest from /eaas-home/log/server/server.log
server.log (1.8 MB)


not too urgent.

Apologies for the delay in response @kirichacha!

Just to confirm some expected behavior on my side of things: under Manage Node → Endpoints /Metadata Sync, are there any OAI-PMH harvester endpoints listed? I realize it may be difficult to recall setup from near a year ago, but in a completely fresh deployment (before syncing to a remote endpoint or importing any resources manually) one would not expect to see anything in the dashboard. Do you generally recall what type of resources (Environments, Software, Content?) were there before? Just trying to narrow down a bit what you’re expecting to see.

Otherwise, I will ping @oooleg to take a look at the ssl errors here as soon as possible. Please bear in mind, we are very close to an expected new (major) release, so the best solution may be to wait a moment and attempt a fresh deployment with the new code (which will include a data migration step in updating from previous releases)

thank you for the reply @ethan.gates

I do not see anything in there when I navigate to Manage Node->Endpoints.

I updated the git branch and deployed again on top of what was there and use a new certificate and key.
Would there be any other place to check for environments or software like in the pgsql database or somewhere else?

Sorry, I wish we had this better documented and I know it’s not your job to help us find our work.
I know we had some things on there as of March 2020 as referenced here:

(In looking this up I just noticed my name is spelled wrong there (Kiritharan not Kirithan))
I saw in the monthly notes from eaasi that our former colleague Zach (on april 6, 2021) had worked with an Architecture class regarding autocad…

But if the update had cleared those things out then I suppose they are gone and that’s no big deal, we know how to set up new environments.
I will be on standby until the next major release before I get in to the thick of things regarding the ssl stuff here.
Thanks again!

Hi @kirichacha - first off, my deepest apologies!! I’ve fixed the spelling of your name in the blog post.

I’ve confirmed with Oleg - the pgsql database that you’re seeing should actually only contain front-end data like bookmarks, running background tasks, and some user management info. (If you have tried to inspect the database directly, you may have seen many, many empty tables; this was due to a partial/premature implementation of an expanded metadata model before the system was ready to actually use any info from those tables to drive functionality)

However, you should be able to check for existing environments or software by navigating to the home directory for the back-end (this would be the location specified by the eaas_home variable in your eaasi.yaml config in the installer - if left at the default value, it should just be an eaasi directory at the root level of your server). Once there, there should be an image-archive sub-directory and then a metadata sub-directory under that (so /eaasi/image-archive/metadata) that would contain the XML records for previous Environments, including directions to the underlying disk images, etc. Point is, if you see XML files in there then indeed we’re dealing with a problem in the connection between the front-end reading/finding the available back-end resources. It is likely that the other front-end containers (web-api, database, etc) have not picked up properly on the updated certs. Once you can confirm that there are existing resources we would suggest holding on for the upcoming release, which should fix this problem, and we will be sure to work with you to make sure the existing resources migrate properly.

Sorry for my late response but was waiting on the later release anyways.
Just so you know I checked thin my /eaasi/image-archive folder and i’ve found that we do have xml data in that area

kiritharan@eaasi-prod:/eaas-home/image-archive/meta-data$ ls
base  checkpoints  containers  derivate  object  patches  roms  sessions  system  template  tmp  user
kiritharan@eaasi-prod:/eaas-home/image-archive/meta-data$ ls roms/
0ac00501-77cf-4c38-8918-5b4a3868c044.xml  9c1cfb1a-f5b8-4f48-bfff-a1a0492eebf0.xml
11c73f79-1da1-4cb4-b752-2c697e9b9cf9.xml  b758fb09-9b8d-4a15-93fb-a3de4fa23a30.xml
482c0979-2342-44bc-b9e3-e468e570a901.xml  f1cd7b0c-e4b7-400b-bfdd-61a1175f749e.xml
581c79cb-21d5-4ae8-af88-a1cc272daa5c.xml  f6bd8ed5-4d64-46ef-bf5b-6a600672e23d.xml