Univention Bugzilla – Bug 51814
Certain wrong App Settings may block openid-connect-provider container from starting
Last modified: 2020-08-12 17:40:20 CEST
When entering incorrect app settings for the OpenID Connect App, the app container can fail to start. Accessing and fixing the app settings is then impossible, because the app center tries to read them from the running container. One way to revert this is to remove and reinstall the app. For example, when configuring an invalid signing method (value 2566), the container logs show Entrypoint: Setting signing_method to PS2566 Entrypoint: Setting signed-out-uri to https://ucsmaster.mydomain.intranet/ + bindpw=<redacted> + export 'LDAP_BINDPW=<redacted + dockerize -wait file:///etc/machine-id -wait file:///var/lib/dbus/machine-id -timeout 360s 2020/08/12 12:45:33 Waiting for: file:///etc/machine-id 2020/08/12 12:45:33 Waiting for: file:///var/lib/dbus/machine-id 2020/08/12 12:45:34 File file:///var/lib/dbus/machine-id had been generated 2020/08/12 12:45:34 File file:///etc/machine-id had been generated + exec konnectd serve '--signing-private-key=/etc/kopano/konnectd-signing-private-key.pem' '--encryption-secret=/etc/kopano/konnectd-encryption-secret.key' --identifier-registration-conf /etc/kopano/konnectd-identifier-registration.yaml --identifier-scopes-conf /etc/kopano/konnectd-identifier-scopes.yaml '--iss=https://ucs-sso1.mydomain.intranet' '--signing-method=PS2566' '--signed-out-uri=https://ucsmaster.mydomain.intranet/' '--log-level=debug' ldap time="2020-08-12T12:45:34Z" level=info msg="serve start" time="2020-08-12T12:45:34Z" level=info msg="loading encryption secret from file" file=/etc/kopano/konnectd-encryption-secret.key Error: unknown signing method: PS2566