Summary
Identity Provider Public Certificate from Okta fails to Upload to Mattermost
Steps to reproduce
Mattermost Enterprise Edition
System Console > AUTHENTICATION > SAML
Upload Identity Provider Public Certifcate from Okta
https://docs.mattermost.com/deployment/sso-saml-okta.html
Expected behavior
Expected behavior is for the certificate to upload properly
Observed behavior
After Uploading the certificate file, it displays Could not save certificate file
Okta provides a .cert file; I have a suspicion that this is not the format that Mattermost is expecting…
it33
August 26, 2016, 9:50pm
2
Thanks @pmccarthy , any error messages in the logs?
[2016/08/26 17:42:57 EDT] [EROR] /api/v3/admin/add_certificate:addCertificate code=500 rid=... uid=... ip=... Could not save certificate file [details: open /opt/mattermost/config/okta.cert: permission denied]
Interesting. I just upgraded to Enterprise from Team Edition and it looks like I needed to redo these commands:
sudo chown -R mattermost:mattermost /opt/mattermost
sudo chmod -R g+w /opt/mattermost
The upgrade documentation should probably mention that
I just submitted some Issues on github to update documentation
it33
August 26, 2016, 10:31pm
6
Thanks @pmccarthy , highly appreciated! I’ve proposed adding a step in the release process to review our upgrade and install guides for issues like this: https://github.com/mattermost/docs/issues/404