make generate-issuer-did error

Question

make generate-issuer-did error

Closed this issue 9 months ago · 7 comments

Got this error when running the command make generate-issuer-did
Tried to set ISSUER_VAULT_USERPASS_AUTH_ENABLED=true still doesn't work.

2023/11/18 04:00:58 INFO starting issuer node... revision=""
2023/11/18 04:00:58 INFO missing toml config file. Fallback to env vars err="Config File "config" Not Found in "[/service /home/runner/work/sh-id-platform/sh-id-platform]""
2023/11/18 04:00:58 INFO ISSUER_API_UI_ISSUER_DID value is missing
time=2023-11-18T04:00:58.728Z level=INFO msg="Vault userpass auth not enabled"
time=2023-11-18T04:01:02.806Z level=ERROR msg="creating identity" err="can't create babyJubJub key: Error making API request.\n\nURL: PUT http://vault:8200/v1/iden3/new/random/BJJ:07edebdbe78ddcc45c906318b1a6120b\nCode: 503. Errors:\n\n* Vault is sealed" id=
time=2023-11-18T04:01:02.806Z level=ERROR msg="error creating identifier" !BADKEY="cannot create identity: can't create babyJubJub key: Error making API request.\n\nURL: PUT http://vault:8200/v1/iden3/new/random/BJJ:07edebdbe78ddcc45c906318b1a6120b\nCode: 503. Errors:\n\n* Vault is sealed"

Answer 1 · 2023-11-19T10:44:15.000Z

Hi @xdimension, if you want to configure the issuer node to authenticate against Vault with the userpass approach you must add these vars to .env-issuer file:

ISSUER_VAULT_USERPASS_AUTH_ENABLED=true
ISSUER_VAULT_USERPASS_AUTH_PASSWORD=issuernodepwd

Another approach is by using the vault root token. For that change first the .env-issuer like this:

ISSUER_VAULT_USERPASS_AUTH_ENABLED=false
ISSUER_VAULT_USERPASS_AUTH_PASSWORD=issuernodepwd

then run make add-vault-token to add the vault token to the .env-issuer file.
After running that command you should see something like this in that file:

ISSUER_KEY_STORE_TOKEN=hvs.XXX

Also, you can check the vault token running make print-vault-token and the result should be the same, hvs.XXX in this example.

Answer 2 · 2023-11-19T13:51:07.000Z

Thanks for your reply.
I tried again and when I run the command make private_key=XXX add-private-key; I got an error:

docker exec issuer-vault-1
vault write iden3/import/pbkey key_type=ethereum private_key=XXX
Error writing data to iden3/import/pbkey: Error making API request.

URL: PUT http://0.0.0.0:8200/v1/iden3/import/pbkey
Code: 503. Errors:

Vault is sealed
make: *** [Makefile:147: add-private-key] Error 2

Answer 3 · 2023-11-19T15:34:11.000Z

@xdimension can you paste here the vault container logs ?

Answer 4 · 2023-11-19T17:53:48.000Z

Hi @martinsaporiti
I just git clone again this repo and it works now. I check that it has difference main branch commit than I cloned couple days ago. So it seems it has been fixed.
Thanks.

Answer 5 · 2023-11-19T22:41:14.000Z

Hi @xdimension, glad to hear that.

Answer 6 · 2023-12-19T05:03:05.000Z

This issue is stale because it has been open 20 days with no activity. Remove stale label, add the enhancement label or comment to avoid closing it in 10 days.

Answer 7 · 2023-12-30T05:03:02.000Z

This issue was closed because it has been stalled for 10 days with no activity.