In resident manage my vid, while try to download vid card getting download in progress.
@Kamesh , please can you respond on this.
@sathwikasj It seems credentials not issued.
SELECT credential_request_id FROM resident.resident_transaction x
WHERE event_id ='Your event id'
Can you please execute this script in resident db. Then you will get credential id Please check it’s status. if it’s stuck at issued stage . Please check in digital card service logs for any errors.
SELECT aid FROM resident.resident_transaction x
WHERE event_id ='your event id'
can you please try this script in resident db
@sathwikasj please check for the same event id you are seeing for vid card download for other event id credential request id will not come.
Please find the VID card download event id details
in credential for above request status is showing failed.
It seems some issue with Data share service or credential service. Please share both logs or check any errors in these 2 services.
Logs of datashare
{“@timestamp”:“2024-07-22T11:45:25.143Z”,“@version”:“1”,“message”:"SESSIONID - PARTNERID - mpartner-default-digitalcard - EncryptionUtil::encryptData():: error with error messageio.mosip.datashare.exception.DataEncryptionFailureException: DAT-SER-001 → Not allowed to generate new key pair for other domains or not allowed to generate base key.\n\tat io.mosip.datashare.util.EncryptionUtil.encryptData(EncryptionUtil.java:106)\n\tat io.mosip.datashare.service.impl.DataShareServiceImpl.createDataShare(DataShareServiceImpl.java:148)\n\tat jdk.internal.reflect.GeneratedMethodAccessor190.invoke(Unknown Source)\n\tat java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)\n\tat java.base/java.lang.reflect.Method.invoke(Method.java:566)\n\tat org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:223)\n\tat org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:494)\n\tat org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185)\n\tat org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)\n\tat io.mosip.datashare.service.impl.DataShareServiceImpl$$EnhancerBySpringCGLIB$$b781b527.createDataShare()\n\tat io.mosip.datashare.controller.DataShareController.createDataShare(DataShareController.java:76)\n\tat io.mosip.datashare.controller.DataShareController$$FastClassBySpringCGLIB$$607e77f6.invoke()\n\tat org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)\n\tat org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746)\n\tat org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)\n\tat org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69)\n\tat org.springframework.ao
rdHostValve.java:139)\n\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)\n\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)\n\tat org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)\n\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)\n\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:615)\n\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\n\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)\n\tat org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1627)\n\tat org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\n\tat java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)\n\tat java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)\n\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n\tat java.base/java.lang.Thread.run(Thread.java:829)\n",“logger_name”:“io.mosip.datashare.util.EncryptionUtil”,“thread_name”:“http-nio-8097-exec-3”,“level”:“ERROR”,“level_value”:40000,“appName”:“application,data-share”,“traceId”:“5061fa893848b673fb11ca4a82bffe82”,“spanExportable”:“false”,“req.requestURI”:“/v1/datashare/create/mpolicy-default-PDFCard/mpartner-default-digitalcard”,“X-Span-Export”:“false”,“X-B3-ParentSpanId”:“800a60db53282ef0”,“req.method”:“POST”,“parentId”:“800a60db53282ef0”,“req.userAgent”:“Apache-HttpClient/4.5.6 (Java/11.0.16)”,“spanId”:“9765904a49f8c54c”,“X-B3-SpanId”:“9765904a49f8c54c”,“X-B3-TraceId”:“5061fa893848b673fb11ca4a82bffe82”,“req.remoteHost”:“127.0.0.6”,“req.requestURL”:“http://datashare.datashare/v1/datashare/create/mpolicy-default-PDFCard/mpartner-default-digitalcard”}
Logs for credential service
{“@timestamp”:“2024-07-22T12:10:20.559Z”,“@version”:“1”,“message”:“service-account-mosip-crereq-client - REQUEST_ID - 10002103870001220240722120626-PDF - DAT-SER-001 → Not allowed to generate new key pair for other domains or not allowed to generate base key.”,“logger_name”:“io.mosip.credentialstore.util.DataShareUtil”,“thread_name”:“http-nio-8095-exec-5”,“level”:“ERROR”,“level_value”:40000,“appName”:“credential-service,id-repository,application”,“req.requestURI”:“/v1/credentialservice/issue”,“traceId”:“5dde30b73aa193aa21a61dfa435f180a”,“spanExportable”:“true”,“X-Span-Export”:“true”,“X-B3-ParentSpanId”:“21a61dfa435f180a”,“req.method”:“POST”,“req.userAgent”:“Apache-HttpClient/4.5.6 (Java/11.0.16)”,“parentId”:“21a61dfa435f180a”,“spanId”:“c3ffad2b36345eaf”,“X-B3-SpanId”:“c3ffad2b36345eaf”,“X-B3-TraceId”:“5dde30b73aa193aa21a61dfa435f180a”,“req.remoteHost”:“127.0.0.6”,“req.requestURL”:“http://credential.idrepo/v1/credentialservice/issue”}
lterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat brave.servlet.TracingFilter.doFilter(TracingFilter.java:86)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)\n\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)\n\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)\n\tat io.mosip.kernel.core.logger.config.SleuthValve.invoke(SleuthValve.java:36)\n\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)\n\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)\n\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)\n\tat org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)\n\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)\n\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:615)\n\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\n\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)\n\tat org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1627)\n\tat org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)\n\tat java.base/java.util.concurr
ent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)\n\tat java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)\n\tat org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)\n\tat java.base/java.lang.Thread.run(Thread.java:829)\n",“logger_name”:“io.mosip.credentialstore.util.DataShareUtil”,“thread_name”:“http-nio-8095-exec-5”,“level”:“ERROR”,“level_value”:40000,“appName”:“credential-service,id-repository,application”,“req.requestURI”:“/v1/credentialservice/issue”,“traceId”:“5dde30b73aa193aa21a61dfa435f180a”,“spanExportable”:“true”,“X-Span-Export”:“true”,“X-B3-ParentSpanId”:“21a61dfa435f180a”,“req.method”:“POST”,“req.userAgent”:“Apache-HttpClient/4.5.6 (Java/11.0.16)”,“parentId”:“21a61dfa435f180a”,“spanId”:“c3ffad2b36345eaf”,“X-B3-SpanId”:“c3ffad2b36345eaf”,“X-B3-TraceId”:“5dde30b73aa193aa21a61dfa435f180a”,“req.remoteHost”:“127.0.0.6”,“req.requestURL”:“http://credential.idrepo/v1/credentialservice/issue”}
Mon, Jul 22 2024 5:40:20 pm{“@timestamp”:“2024-07-22T12:10:20.561Z”,“@version”:“1”,“message”:“”,“logger_name”:“io.mosip.kernel.core.retry.RetryListenerImpl”,“thread_name”:“http-nio-8095-exec-5”,“level”:“ERROR”,“level_value”:40000,“stack_trace”:"io.mosip.credentialstore.exception.DataShareException: IDR-CRS-011 → Datashare response is null; \nnested exception is io.mosip.credentialstore.exception.DataShareException: IDR-CRS-011 → Datashare response is null\n\tat io.mosip.credentialstore.util.DataShareUtil.getDataShare(DataShareUtil.java:142)\n\tat io.mosip.credentialstore.util.DataShareUtil$$FastClassBySpringCGLIB$$77084ded.invoke()\n\tat org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)\n\tat org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746)\n\tat org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)\n\tat org.springframework.retry.interceptor.RetryOperationsInterceptor$1.doWithRetry(RetryOperationsInterceptor.java:91)\n\tat org.springframework.retry.support.RetryTemplate.doExecute(RetryTemplate.java:287)\n\tat org.springframework.retry.support.RetryTemplate.execute(RetryTemplate.java:164)\n\tat org.springframework.retry.interceptor.RetryOperationsInterceptor.invoke(RetryOperationsInterceptor.java:118)\n\tat org.springframework.retry.annotation.AnnotationAwareRetryOperationsInterceptor.invoke(AnnotationAwareRetryOperationsInterceptor.java:152)\n\tat org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185)\n\tat org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688)\n\tat io.mosip.credentialstore.util.DataShareUtil$$EnhancerBySpringCGLIB$$3ff90562.getDataShare()\n\tat io.mosip.credentialstore.service.impl.CredentialStoreServiceImpl.createCredentialIssuance(CredentialStoreServiceImpl.java:200)\n\tat io.mosip.credentialstore.controller.CredentialStoreCon
ramework.cloud.sleuth.instrument.web.ExceptionLoggingFilter.doFilter(ExceptionLoggingFilter.java:48)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat brave.servlet.TracingFilter.doFilter(TracingFilter.java:86)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)\n\tat org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)\n\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)\n\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)\n\tat org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)\n\tat org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)\n\tat org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)\n\tat io.mosip.kernel.core.logger.config.SleuthValve.invoke(SleuthValve.java:36)\n\tat org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)\n\tat org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)\n\tat org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)\n\tat org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)\n\tat org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)\n\tat org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:615)\n\tat org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)\n\tat org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:818)\n\tat org.apache.tomcat.
@sathwikasj It’s failing while encryption. can you please tell which version of keymanager, data share, mosip-config, resident service and credential service you have deployed.
keymanager-1.2.0.1
Datashare-1.2.0.1
Mosipconfig-1.2.0.1 config but updated resident 1.2.1.0 related changes
Resident service-1.2.1.0
Credential service-1.2.1.0
We have deployed env from 1.2.0.1 mosip-infra tag on top there resident was not working, so after the 1.2.1.0 resident release we have deployed that in 1.2.0.1 infra and updated the config related changes and service related (image) changes
@sathwikasj Main error is
Not allowed to generate new key pair for other domains or not allowed to generate base key.
So it coming from above code of keymanager.
So it seems partner certificate is expired. or key of partners not matching.
SELECT cert_thumbprint FROM ida.key_alias x where ref_id ='your partner id'
@sathwikasj you can execute above query You can check partner id .
Execute above query in ida db.
SELECT x.* FROM keymgr.key_alias x
WHERE cert_thumbprint ='your thumbprint'
What ever thumbprint you got please check same in key manager db . if it matches then fine otherwise there is some issue with partner onboarding check partner onboarding report. Or run partner onbarding again.
We are having below attached entries in ida keyalias table please guide me which entry needs for query.
@sathwikasj please search for refid mpartner-default-auth and find cert thumbprint
Thumbprint of both ida keyalias table and keymanager tables are same.
@sathwikasj have you checked cert expiry date ? whether it is expired or not.
This is the fresh deployment i have done 20days back. Its not expired.