Reputation: 6345
CodeDeploy fails with the message "Validation of PKCS7 signed message failed"
I have a pretty standard CodePipeline/CodeDeploy setup that has been working flawlessly for months. Suddenly, and without us changing anything, deployments fail with the following message:
Validation of PKCS7 signed message failed
According to the documentation, this should only happen on very old versions of the CodeDeploy agent:
This error message indicates the instance is running a version of the CodeDeploy agent that supports only the SHA-1 hash algorithm. Support for the SHA-2 hash algorithm was introduced in version 1.0.1.854 of the CodeDeploy agent, released in November 2015. Effective October 17, 2016, deployments will fail if a version of the CodeDeploy agent earlier than 1.0.1.854 is installed.
However, that is not the case on my setup. All our instances run version 1.0-1.1597 (latest stable). I tried re-installing the agent, yet the issue remains. Deploying a different project with a very similar setup (same agent version) works without a hitch.
Help?
Upvotes: 2
Views: 493
Answers (1)
Reputation: 6345
Apparently, the CodeDeploy agent was stuck in limbo.
I did a fresh install, and after restarting the service a couple of times I managed to get the venerable Loaded: loaded, Active: active (running) status. Deployments now work fine.
That said, I have absolutely no idea what caused the issue. The agent was active when deployments were failing, and the error message is completely nonsensical.
Upvotes: 2
Related Questions
- AWS CodeDeploy deployment failed at event BlockTraffic
- CodeDeploy fails on BeforeBlockTraffic
- Unable to deploy code on ec2 instance using codedeploy
- AWS CodeDeploy stuck in AllowTraffic step
- AWS CodeDeploy failed without a reason
- AWS CodeDeploy deployment not starting
- AWS CodeDeploy shows successful even deployment fails
- AWS CodeDeploy Access Denied error
- Amazon CodeDeploy. Deployment failed
- AWS CodeDeploy - Error deploying - ApplicationDoesNotExistException