Amazon is deprecating SOAP API causing EC2 instances to shut down immediately

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: High
    • None
    • Affects Version/s: 5.7-OD-06-009
    • Component/s: None
    • None

      From version 1.6.14.0 onwards of the Amazon EC2 CLI tools, the private key (-K, --private-key) and X.509 certificate (-C, --cert) options are not supported. This means that custom bamboo EC2 instances will shut down within minutes of starting up if they are using those variables.

      You may see the following stack trace on your EC2 instance before it is shut down:

      ==> setupEbsSnapshot.log <==
Unexpected error:
org.codehaus.xfire.fault.XFireFault: General security error; nested exception is: 
java.security.cert.CertificateParsingException: invalid DER-encoded certificate data
at org.codehaus.xfire.fault.XFireFault.createFault(XFireFault.java:89)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:83)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:114)
at org.codehaus.xfire.client.Client.invoke(Client.java:336)
at org.codehaus.xfire.client.XFireProxy.handleRequest(XFireProxy.java:77)
at org.codehaus.xfire.client.XFireProxy.invoke(XFireProxy.java:57)
at com.sun.proxy.$Proxy12.createVolume(Unknown Source)
at com.amazon.aes.webservices.client.Jec2Impl.createVolume(Jec2Impl.java:2732)
at com.amazon.aes.webservices.client.cmd.CreateVolume.invokeOnline(CreateVolume.java:88)
at com.amazon.aes.webservices.client.cmd.BaseCmd.invoke(BaseCmd.java:1071)
at com.amazon.aes.webservices.client.cmd.CreateVolume.main(CreateVolume.java:98)
Caused by: org.apache.ws.security.WSSecurityException: General security error; nested exception is: 
java.security.cert.CertificateParsingException: invalid DER-encoded certificate data
at com.amazon.aes.webservices.client.CryptoProxy.getCertificates(CryptoProxy.java:76)
at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:291)
at com.amazon.aes.webservices.client.Jec2Impl.signRequest(Jec2Impl.java:301)
at com.amazon.aes.webservices.client.Jec2Impl.access$000(Jec2Impl.java:97)
at com.amazon.aes.webservices.client.Jec2Impl$1.invoke(Jec2Impl.java:204)
at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at org.codehaus.xfire.client.Invocation.invoke(Invocation.java:79)
... 9 more
Caused by: java.security.cert.CertificateParsingException: invalid DER-encoded certificate data
at sun.security.x509.X509CertImpl.parse(X509CertImpl.java:1703)
at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:301)
at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:104)
at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:305)
at com.amazon.aes.webservices.client.CryptoProxy.getCertByName(CryptoProxy.java:116)
at com.amazon.aes.webservices.client.CryptoProxy.getCertificates(CryptoProxy.java:74)
... 15 more
ec2-create-volume failed (exit code 0). Output:

      To work around this problem you'll need to use your access key ID (-O, --aws-access-key) and secret access key (-W, --aws-secret-key) in scripts and environment variables instead.

            Assignee:
            Przemek Bruski
            Reporter:
            Matthew Hunter
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: