I am trying to install the Tanzu Application Service, and it is consistently failing with the following error:
Task 188 | 09:41:57 | L executing post-start: diego_cell/282d34d5-e50f-48ba-ac48-e69480ee8812 (2) (00:02:32)
Task 188 | 09:42:01 | Error: 'mysql_monitor/50e163f5-164d-4f71-aa76-87d1d0c0b815 (0)' is not running after update. Review logs for failed jobs: replication-canary
Task 188 Started Tue Mar 7 09:23:45 UTC 2023
Task 188 Finished Tue Mar 7 09:42:01 UTC 2023
Task 188 Duration 00:18:16
Task 188 error
Updating deployment:
Expected task '188' to succeed but state is 'error'
Exit code 1
===== 2023-03-07 09:42:02 UTC Finished "/usr/local/bin/bosh --no-color --non-interactive --tty --environment=10.0.16.5 --deployment=cf-ccfc8e50d7a06594822c deploy --no-redact /var/tempest/workspaces/default/deployments/cf-ccfc8e50d7a06594822c.yml"; Duration: 1146s; Exit Status: 1
Exited with 1.
Exited with 1.
When I check the logs for the run, I see the following for the mysql_monitor logs:
goroutine 1 [running]:
code.cloudfoundry.org/lager.(*logger).Fatal(0xc0000a22a0, {0x7b3a08, 0x1d}, {0x843a80?, 0xc00025fc50}, {0x0, 0x0, 0xc0000ca360?})
/var/vcap/data/compile/replication-canary/replication-canary/vendor/code.cloudfoundry.org/lager/logger.go:162 +0x5dc
main.main()
/var/vcap/data/compile/replication-canary/replication-canary/main.go:87 +0x6fa
panic: Post "https://uaa.system.tanzu.traceablepoc.com/oauth/token": x509: certificate is valid for *.tanzu.traceablepoc.com, pcf.tanzu.traceablepoc.com, *.pcf.tanzu.traceablepoc.com, not uaa.system.tanzu.traceablepoc.com
I had provided the following domains in the list when configuring the uaa:
*.traceablepoc.com,*.system.tanzu.traceablepoc.com,*.apps.tanzu.traceablepoc.com,*.tanzu.traceablepoc.com
Any clues on what might be wrong or what to check to get to the bottom of this?
You should double check the Alternate Names of the TLS certificate that you’ve submitted in Tanzu Ops Manager.
It seems to be still using an old version covering the *.tanzu.traceablepoc.com wildcard instead of the one properly covering the *.system.tanzu.traceablepoc.com and *.apps.tanzu.traceablepoc.com wildcards.