'FABRIC_E_SERVER_AUTHENTICATION_FAILED: CertificateNotMatched
I have .net core project utilizing service fabric. I set up a build pipeline to deploy to my service fabric managed cluster in azure. When setting up the service connection type step, I utilized the cert I associated with my cluster. It is a self signed cert in keyvault. During the deployment process I keep getting the following error
FABRIC_E_SERVER_AUTHENTICATION_FAILED: CertificateNotMatched
The stack trace is as follows
2022-01-26T21:41:13.0165883Z ##[debug]Processed: ##vso[task.logissue type=warning]Failed to contact Failover Manager Service, Attempting to contact FMM...
2022-01-26T21:41:13.0587416Z ##[debug]System.Fabric.FabricServerAuthenticationFailedException: FABRIC_E_SERVER_AUTHENTICATION_FAILED: CertificateNotMatched ---> System.Runtime.InteropServices.COMException: Exception from HRESULT: 0x80071C44
2022-01-26T21:41:13.0600016Z ##[debug] at System.Fabric.Interop.NativeClient.IFabricQueryClient12.EndGetPartitionList2(IFabricAsyncOperationContext context)
2022-01-26T21:41:13.0611858Z ##[debug] at System.Fabric.FabricClient.QueryClient.GetPartitionListAsyncEndWrapper(IFabricAsyncOperationContext context)
2022-01-26T21:41:13.0623788Z ##[debug] at System.Fabric.Interop.AsyncCallOutAdapter2`1.Finish(IFabricAsyncOperationContext context, Boolean expectedCompletedSynchronously)
2022-01-26T21:41:13.0635475Z ##[debug] --- End of inner exception stack trace ---
2022-01-26T21:41:13.0854075Z ##[debug]System.Management.Automation.PipelineStoppedException: The pipeline has been stopped.
2022-01-26T21:41:13.0865504Z ##[debug] at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
2022-01-26T21:41:13.0876005Z ##[debug] at System.Management.Automation.Cmdlet.ThrowTerminatingError(ErrorRecord errorRecord)
2022-01-26T21:41:13.0886710Z ##[debug] at Microsoft.ServiceFabric.Powershell.CommonCmdletBase.TestClusterConnection(IClusterConnection clusterConnection, Boolean testNetwork)
2022-01-26T21:41:13.0897006Z ##[debug] at Microsoft.ServiceFabric.Powershell.ConnectCluster.ProcessRecord()
2022-01-26T21:41:13.0913858Z ##[debug]System.Management.Automation.PipelineStoppedException: The pipeline has been stopped.
2022-01-26T21:41:13.0924251Z ##[debug] at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)
2022-01-26T21:41:13.0934735Z ##[debug] at System.Management.Automation.Cmdlet.ThrowTerminatingError(ErrorRecord errorRecord)
2022-01-26T21:41:13.0944961Z ##[debug] at Microsoft.ServiceFabric.Powershell.ConnectCluster.ProcessRecord()
2022-01-26T21:41:13.1818805Z ##[debug]Leaving Connect-ServiceFabricClusterFromServiceEndpoint.
I'm not sure where to start in order to track down what its looking for here.
Solution 1:[1]
The 'certificate not matched' issue, which occurs when one of the parties in a Service Fabric-to-Service Fabric connection presents a certificate that fails the recipient's validation requirements, is one possible cause for connection attempts to be terminated.
According to this MSFT documentation, To troubleshoot the error 'FABRIC E SERVER AUTHENTICATION FAILED,' determine which certificate is being presented on each of the nodes attempting the connection; study the certificate and try to copy the validation rules (check for thumbprint or common name equality)
Solution 2:[2]
Fix your service connection by navigating to your service fabric cluster explorer url
https://mysfurl.westeurope.cloudapp.azure.com:19080/Explorer/index.html
Then look at the certificate information and copy the certificate thumbprint into thumbprint or "issued to" into common name for the service connection.
Deployment will succeed
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | SuryasriKamini-MT |
| Solution 2 | rfcdejong |