One of two environments on same machines cannot be reached

Hi there!

About a week ago we setup an environment called QA on machine SBM01. Everything works fine so long. But today we try to setup a new environment - Production - on that same machine, but without luck. When we do a health check, Octopus says it cannot be reached. Even though it’s on the same machine/tentacle as QA.

This is the error log we get when we try to deploy to this new Production environment:

Failed: Deploy
2013-02-22 09:47:35 ERROR One or more errors occurred. Octopus.Shared.Activities.ActivityFailedException: A child activity failed: SOAP security negotiation with ‘http://10.36.10.10:10933/Packages/’ for target ‘http://10.36.10.10:10933/Packages/’ failed. See inner exception for more details.
Server stack trace:
at Octopus.Shared.Activities.Activity`1.StartNewThread.Execute() in c:\w\e6923628be6eaf72\source\Octopus.Shared\Activities\Activity.cs:line 52
at System.Threading.Tasks.Task.Execute()
Exception rethrown at [0]:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccess(Task task)
at Octopus.Shared.Activities.ActivityRuntime.d__5.MoveNext() in c:\w\e6923628be6eaf72\source\Octopus.Shared\Activities\ActivityRuntime.cs:line 56
Exception rethrown at [1]:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccess(Task task)
at Octopus.Server.Tasks.Deploy.UploadPackagesActivity.d__d.MoveNext() in c:\w\e6923628be6eaf72\source\Octopus.Server\Tasks\Deploy\UploadPackagesActivity.cs:line 44
Exception rethrown at [2]:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccess(Task task)
at Octopus.Shared.Activities.ActivityRuntime.d__5.MoveNext() in c:\w\e6923628be6eaf72\source\Octopus.Shared\Activities\ActivityRuntime.cs:line 56
Exception rethrown at [3]:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccess(Task task)
at Octopus.Server.Tasks.Deploy.DeploymentControllerActivity.d__3.MoveNext() in c:\w\e6923628be6eaf72\source\Octopus.Server\Tasks\Deploy\DeploymentControllerActivity.cs:line 44
Exception rethrown at [4]:
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccess(Task task)
at Octopus.Shared.Activities.ActivityRuntime.d__5.MoveNext() in c:\w\e6923628be6eaf72\source\Octopus.Shared\Activities\ActivityRuntime.cs:line 56

Success: Downloading packages from NuGet servers
2013-02-22 09:47:33 INFO Making a list of packages to download
2013-02-22 09:47:33 INFO All packages have been downloaded

Success: Download package Specter.Authentication.Api 3.0.1.91 from NuGet feed: Specter TeamCity NuGet feed
2013-02-22 09:47:33 DEBUG  Checking package cache for package Specter.Authentication.Api 3.0.1.91
2013-02-22 09:47:33 DEBUG  Package was found in cache. No need to download. Using file: C:\Octopus\Data\PackageCache\feeds-1\Specter.Authentication.Api.3.0.1.91_05908055AE013C43A51B51ED6BD2AF4B.nupkg
2013-02-22 09:47:33 DEBUG  SHA1 hash of package is: 4b46750a7d537774d72b1929b7168b4348c2f3fb

Failed: Uploading packages to Tentacles
2013-02-22 09:47:33 INFO Preparing to upload packages
2013-02-22 09:47:33 INFO Uploading packages…

Failed: Upload package Specter.Authentication.Api to machine http://10.36.10.10:10933/
2013-02-22 09:47:33 DEBUG  Uploading package Specter.Authentication.Api 3.0.1.91 to tentacle http://10.36.10.10:10933/
2013-02-22 09:47:33 ERROR  System.ServiceModel.Security.SecurityNegotiationException: SOAP security negotiation with 'http://10.36.10.10:10933/Packages/' for target 'http://10.36.10.10:10933/Packages/' failed. See inner exception for more details. ---> System.IdentityModel.Tokens.SecurityTokenValidationException: The certificate thumbprint given by the remote server is not what we expected. The remote server identified as: 40411442B3F79F44EBC7EC2B03AE99691B92FE3C while we expected: 40411442B3F79F44EBC7EC2B03AE99691B92FE3CT
at Octopus.Shared.Security.CertificateValidator.Validate(X509Certificate2 certificate) in c:\w\e6923628be6eaf72\source\Octopus.Shared\Security\CertificateValidator.cs:line 33
at System.IdentityModel.Selectors.X509SecurityTokenAuthenticator.ValidateTokenCore(SecurityToken token)
at System.IdentityModel.Selectors.SecurityTokenAuthenticator.ValidateToken(SecurityToken token)
at System.ServiceModel.Security.TlsnegoTokenProvider.ValidateSspiNegotiation(ISspiNegotiation sspiNegotiation)
at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnNegotiationComplete(SspiNegotiationTokenProviderState sspiState, RequestSecurityTokenResponse negotiationRstr, RequestSecurityTokenResponse authenticatorRstr)
at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)
at System.ServiceModel.Security.IssuanceTokenProviderBase`1.GetNextOutgoingMessage(Message incomingMessage, T negotiationState)
at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)
--- End of inner exception stack trace ---
Server stack trace:
at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)
at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout)
at System.ServiceModel.Security.TlsnegoTokenProvider.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.GetTokenCore(TimeSpan timeout)
at System.IdentityModel.Selectors.SecurityTokenProvider.GetToken(TimeSpan timeout)
at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ReliableChannelBinder`1.ChannelSynchronizer.SyncWaiter.TryGetChannel()
at System.ServiceModel.Channels.ReliableChannelBinder`1.ChannelSynchronizer.SyncWaiter.TryWait(TChannel& channel)
at System.ServiceModel.Channels.ReliableChannelBinder`1.ChannelSynchronizer.TryGetChannel(Boolean canGetChannel, Boolean canCauseFault, TimeSpan timeout, MaskingMode maskingMode, TChannel& channel)
at System.ServiceModel.Channels.ClientReliableChannelBinder`1.Request(Message message, TimeSpan timeout, MaskingMode maskingMode)
at System.ServiceModel.Channels.RequestReliableRequestor.OnRequest(Message request, TimeSpan timeout, Boolean last)
at System.ServiceModel.Channels.ReliableRequestor.Request(TimeSpan timeout)
at System.ServiceModel.Channels.ClientReliableSession.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ReliableRequestSessionChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Octopus.Shared.Contracts.IPackageService.BeginUpload(PackageMetadata metadata)
at Octopus.Server.Tasks.Deploy.PackagePusher.<>c__DisplayClass1.<Push>b__0(IPackageService service) in c:\w\e6923628be6eaf72\source\Octopus.Server\Tasks\Deploy\PackagePusher.cs:line 33
at Octopus.Server.Proxies.ClientBroker`1.CallOneWay(MachineEndpoint endpoint, Action`1 callback) in c:\w\e6923628be6eaf72\source\Octopus.Server\Proxies\ClientBroker.cs:line 117
at Octopus.Server.Tasks.Deploy.UploadPackageActivity.<>c__DisplayClass1.<Execute>b__0() in c:\w\e6923628be6eaf72\source\Octopus.Server\Tasks\Deploy\UploadPackageActivity.cs:line 26
at Octopus.Shared.Activities.Activity`1.StartNewThread.Execute() in c:\w\e6923628be6eaf72\source\Octopus.Shared\Activities\Activity.cs:line 43

Hi,

It looks like the thumbprint you entered in the Add machine dialog in the Octopus web portal does not match the thumbprint of the certificate that the Tentacle is running. If you’ve changed the thumbprint on the Tentacle, you’ll need to restart the Tentacle service to have the change picked up.

Paul

That seemed to do the trick!

Thanks