| CARVIEW |
Select Language
HTTP/2 200
server: nginx
date: Mon, 14 Jul 2025 14:43:41 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
content-security-policy:
etag: W/"0d05badce1eae850aa6aff97e5b33520"
nel: {"max_age": 0}
permissions-policy: interest-cohort=()
set-cookie: _gitlab_session=8d528ae4aac550ee57dbb64b5b1985df; path=/; secure; HttpOnly; SameSite=None
vary: Accept
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-gitlab-meta: {"correlation_id":"01K04P8FX81DR1ZW2W7BYESJ3Z","version":"1"}
x-permitted-cross-domain-policies: none
x-request-id: 01K04P8FX81DR1ZW2W7BYESJ3Z
x-runtime: 0.131422
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
strict-transport-security: max-age=63072000
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
Validate cert store before running the agent (#1352) · Issues · ISC Open Source Projects / stork · GitLab
Skip to content
Validate cert store before running the agent
If the --server-url flag or the STORK_AGENT_SERVER_URL environment variable is not used, the agent certificates and tokens are not validated.
It causes the Stork agent to run without some certs or with invalid ones. The agent is running, but it isn't operational. It throws a lot of weird errors on every connection.
We must always verify the certs on startup, prevent running the agent if something is wrong, and print the descriptive log message to hint users they must manually re-register the agent.
time="2024-03-29 07:32:20" level="error" msg="Could not setup TLS key pair" file=" agent.go:98 " error="could not read the private key: could not read the file: /var/lib/stork-agent/certs/key.pem: open /var/lib/stork-agent/certs/key.pem: no such file or directory"