We are deploying v3-installation/1.2.0.2/on-premises-deployment-without-dns, and due to self signed certificates.Its getting failed in partner on boarder service deployment and not passing through cert-upload ,Kindly suggest a solution to pass this.. We are choosing “n” when installation prompts…
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
Hi @parandhaman
Thank you for reaching out to us. Let us check on the issue and revert back to you as soon as possible
Regards,
Prathmesh
on behalf of Team MOSIP
1 Like
Please let us know the solution for this
hello @parandhaman ,
If you go to all requests section, u can see the actual API response, The failure msg here tells me that the script was trying to read the certificate from the response and it failed.
lets see the API response first to determine,further what could be the reason behind it
Dear Sir - Please find the latest report, Kindly note its self signed certificate …
(Attachment mimoto-keybinding (9).html is missing)
I dont see any attached files @parandhaman , could u pls copy-paste the logs here ?
Showing 1 Failure
Iteration 1 - TypeError - cert_upload - upload-leaf-certificate
Failed Test:
Assertion Error Message
Cannot read properties of null (reading 'signedCertificateData')
@parandhaman hi, This is just the newman script error. could u share the API error( which u can find in the all requests section in the html )please?
{ “id”: “string”, “metadata”: {}, “request”: { “certificateData”: “-----BEGIN CERTIFICATE-----\nMIIGCTCCA/GgAwIBAgIUbRPvWVGONqnxA2Xze+MKXzM3S0gwDQYJKoZIhvcNAQEL\nBQAwaTELMAkGA1UEBhMCSU4xDDAKBgNVBAgMA0thcjEMMAoGA1UEBwwDQmxyMQ0w\nCwYDVQQKDARJSVRCMS8wLQYDVQQDDCZtcGFydG5lci1kZWZhdWx0LW1pbW90b2tl\neWJpbmRpbmctUm9vdDAeFw0yNTA4MTkxMDM3MjNaFw0zMDA4MTgxMDM3MjNaMGsx\nCzAJBgNVBAYTAklOMQwwCgYDVQQIDANLYXIxDDAKBgNVBAcMA0JscjENMAsGA1UE\nCgwESUlUQjExMC8GA1UEAwwobXBhcnRuZXItZGVmYXVsdC1taW1vdG9rZXliaW5k\naW5nLUNsaWVudDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMAjYGE9\naLTiHhA+gmzRatPp1kbMB9OMBoAQYO5KNZGvMzlnVz2ur/i4ImG1z1lo5HWDjFYh\ny9t34pIl52Cuv9CtlSQkOr1Yqrb8dnL2SUCZITpnjZGJ7TJqlGj+GOU5pMBu4llk\n+q8+gabIFOqzoMnnNLNLURyei+N0n5Uk3H8Jb1dd77zZDEBQJLBql9t+401bRLa/\nKFvc25Q1OoLRouoSJKbPxjRavtKWa7JkR9piQw4niIl6m+M1MW2BIC2YWMU4xBJX\ntZxkyW833yoLoAygoHt6IATk5ELKnAYKehKGJcJQrytd5bvoSSFO368FTHT71M5J\n5aY9yMu4llq7y3Bk9H11oxm4arBWVEg+RKt6SPCMqdDHmaX8BMF4EMqjh3dQjlQj\nEjOE/Udtcnj7OHpUodkvtSN+f1+Q301lXkspfRkihD5WR8CKU+sDeOUg8qk5KzI4\nUmAJGUvYvOXZKg55/wq79qrC+rBhv4IIccnDebAXEXkm+Kuyx8nAXMF3Wjz6kuId\nv3i1L3zsp/4apCEg9g1nTCuVQQ8JqlvyCsBK0jRI3qXlBrNhkqEwXVQAAgsBhPiw\n+8AtQpwLBc9rd8SGiwlWaK5HqukJDEGO58whmTbhvqJQFtoKkwJe9NwXdQjgYfvp\nI6ZeVOqtEq8Pmmmspu8ZLTCxp3SO2ubbNW/9AgMBAAGjgaYwgaMwCQYDVR0TBAIw\nADARBglghkgBhvhCAQEEBAMCBBAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wgR2Vu\nZXJhdGVkIENsaWVudCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUC8d4JkhvlSJdfwrk\nl+L1hs8cUfowHwYDVR0jBBgwFoAU/Sj1MGKgYBezgG5O+FRkpCft8TwwDgYDVR0P\nAQH/BAQDAgXgMA0GCSqGSIb3DQEBCwUAA4ICAQBv8qbT9uY3Q97nMtq4xhrifCi+\nWzVdML9RsqkqSx/HWmZB0J89hmOWt/Oakm6NFrwCPip5bTxjkLjStZPAXWy5kDbT\nSNabyO6/tuIc2ragXTmP0DNudLmh3lozxWCgdWiuxFBW+6GInLZD9zk0KIVHuG4S\ngIaoVG7KBDZP4mrnRB9Fs4UOLuWebdAlLfJgCDrDrcNSsQFV494whXITAwFZfV6X\nhBOHG7XxkArui47v4ByBCFC6FG5pxrMbgkzHJWoGA2u3ZbpYDzTVkx0Agpb1Q+3b\nBITbOHawTuX5qcjm5zSUx8qEYCXtC9/GHF9dKFL5eYbB1Yq8kwbzzkP3pas66aql\nAC/FIRyV0M/KBvHijF0UvM+t9pzBfxYJXAJV7zGp+IN5RQyCYRgOi37fUwQQXbND\nl2gUCj6PZgTdO1klc0bGa+hSNHywo7w6zhOjFYiVqwOQGFGbIOwS9CDWYcYu5nCq\n7lo68sm2LZtH6a3z/mY5UD9oJkrKV97AGtEj/RvumXeqN1CyiVwZL9Fzmee1Smod\n1Va5oT9/7qyoKFuPI8JFIf5ZtmLbZuFYSMZDK6ZfoEyxVr9yqSkgBlaSxJjfZO0v\nDunukwxwELYUYLRuarhQyJfPjA6Lx1jb7+BJNPD0pbu399OrklqBjQRErYbS76xt\n8bQRi/S+9QAt6nJBlg==\n-----END CERTIFICATE-----\n”, “partnerDomain”: “Auth”, “partnerId”: “mpartner-default-mimotokeybinding” }, “requesttime”: “2025-08-19T10:37:55.936Z”, “version”: “string” }
Thanks @parandhaman , This request body seems to be correct, Can you pls share the response to this request as well ?
{ “id”: “mosip.partnermanagement”, “version”: “1.0”, “responsetime”: “2025-08-19T10:37:56.921Z”, “metadata”: null, “response”: null, “errors”: [ { “errorCode”: “PMS_KKS_001”, “message”: “Error while accessing the API.Please check the logs.” } ] }
@parandhaman , I get the issue now, The upload cert API didnt produce the signed-certificate, so the scripts threw the error.
In this case, we will need to debug “PMS_KKS_001” and for that we need logs from Partner-pms service. Can u pls share that ?
Thank you
2025-09-03T10:11:29.157474Z error failed scraping application metrics: error scraping http://localhost:80/metrics: Get “http://localhost:80/metrics”: dial tcp 127.0.0.1:80: connect: connection refused
[2025-09-03T10:11:36.044Z] “GET /v1/partnermanager/actuator/prometheus HTTP/1.1” 200 - via_upstream - “-” 0 15639 5 4 “-” “Prometheus/2.38.0” “582c3731-c844-41d7-abca-6410810c68ec” “10.42.1.24:9109” “10.42.1.24:9109” inbound|9109|| 127.0.0.6:53287 10.42.1.24:9109 10.42.1.7:42806 - default
2025-09-03T10:11:44.285054Z error failed scraping application metrics: error scraping http://localhost:80/metrics: Get “http://localhost:80/metrics”: dial tcp 127.0.0.1:80: connect: connection refused
[2025-09-03T10:11:46.036Z] “GET /v1/partnermanager/actuator/prometheus HTTP/1.1” 200 - via_upstream - “-” 0 15639 12 11 “-” “Prometheus/2.38.0” “cf967091-149b-4673-bfca-14c9c412c2b4” “10.42.1.24:9109” “10.42.1.24:9109” inbound|9109|| 127.0.0.6:53287 10.42.1.24:9109 10.42.1.7:42806 - default
[2025-09-03T10:11:56.036Z] “GET /v1/partnermanager/actuator/prometheus HTTP/1.1” 200 - via_upstream - “-” 0 15639 24 24 “-” “Prometheus/2.38.0” “0dabfca5-096a-4032-8833-c3ed0665caa4” “10.42.1.24:9109” “10.42.1.24:9109” inbound|9109|| 127.0.0.6:53287 10.42.1.24:9109 10.42.1.7:42806 - default
2025-09-03T10:11:59.170105Z error failed scraping application metrics: error scraping http://localhost:80/metrics: Get “http://localhost:80/metrics”: dial tcp 127.0.0.1:80: connect: connection refused
[2025-09-03T10:12:06.038Z] “GET /v1/partnermanager/actuator/prometheus HTTP/1.1” 200 - via_upstream - “-” 0 15641 17 16 “-” “Prometheus/2.38.0” “d4918197-de8a-46c9-a73e-5270d78f1917” “10.42.1.24:9109” “10.42.1.24:9109” inbound|9109|| 127.0.0.6:53287 10.42.1.24:9109 10.42.1.7:42806 - default
2025-09-03T10:12:14.167927Z error failed scraping application metrics: error scraping http://localhost:80/metrics: Get “http://localhost:80/metrics”: dial tcp 127.0.0.1:80: connect: connection refused
@parandhaman , can u generate a pair of ca&partner certs locally and upload those to PMS using the CAcertupload and Partnercertupload APIs respectively.
If you are able to upload , then it could be a temporary issue with PMS and I can guide you regarding re-onboarding. However if this request throws the same error again , then we will have to further debug PMS logs and setup.
Thanks
Dear Sir - This fresh deployment and i am unable to deploy this partner onboarder.. i am following on prem without dns installation deployment as per specified order for mosip services..
@parandhaman , I understand .
Please follow the below steps.
- Login to the pms db
- Manually cleanup the partner details , policy & policgroup details , and partner-policy tables , for this specific partner. (mpartner-default-mimotokeybinding)
3.Once they have cleaned, you can retrigger onboarder for this partner again.
If u still face the issue, we can have a google meet,and discuss.
Thank You
Dear Sir,
I have already tried all the steps suggested in the community forum, including deleting records in the PMS database. However, the issue still persists.Could we kindly arrange a call at your convenience next week to discuss this further?
Thank you for your time and guidance.
Hi @parandhaman , Yes lets have a call set up.
I am available for 3.00 to 3.30 pm IST on 15th sept.
I will create a meeting link and share with you soon.
Hopefully that works.
Thanks and regards
Mahesh