{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations","id":"40159","self":"https://jira.geedge.net/rest/api/2/issue/40159","key":"OMPUB-1113","fields":{"issuetype":{"self":"https://jira.geedge.net/rest/api/2/issuetype/10002","id":"10002","description":"需要完成的任务。","iconUrl":"https://jira.geedge.net/secure/viewavatar?size=xsmall&avatarId=10318&avatarType=issuetype","name":"任务","subtask":false,"avatarId":10318},"components":[],"timespent":null,"timeoriginalestimate":null,"description":"STS的测试环境中部署TSG21.09版本系统，客户想测试解密流量转发的功能；当成功配置安全策略之后，使用windows客户端访问页面(google.com)提示证书无效（此前出过相同提示，当时由于证书过期，现在已经替换了新的证书）","project":{"self":"https://jira.geedge.net/rest/api/2/project/10206","id":"10206","key":"OMPUB","name":"Operation and Maintenance","projectTypeKey":"business","avatarUrls":{"48x48":"https://jira.geedge.net/secure/projectavatar?pid=10206&avatarId=10715","24x24":"https://jira.geedge.net/secure/projectavatar?size=small&pid=10206&avatarId=10715","16x16":"https://jira.geedge.net/secure/projectavatar?size=xsmall&pid=10206&avatarId=10715","32x32":"https://jira.geedge.net/secure/projectavatar?size=medium&pid=10206&avatarId=10715"},"projectCategory":{"self":"https://jira.geedge.net/rest/api/2/projectCategory/10002","id":"10002","description":"系统运维","name":"MaintenanceDev"}},"fixVersions":[],"aggregatetimespent":null,"resolution":null,"timetracking":{},"customfield_10401":null,"customfield_10104":null,"customfield_10402":null,"customfield_10105":"0|i04yhg:","customfield_10403":null,"customfield_10404":null,"attachment":[{"self":"https://jira.geedge.net/rest/api/2/attachment/50431","id":"50431","filename":"chrome提示.png","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=jiaojianzhi","name":"jiaojianzhi","key":"JIRAUSER10249","emailAddress":"jiaojianzhi@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10500","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10500","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10500","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10500"},"displayName":"焦建致","active":false,"timeZone":"Asia/Shanghai"},"created":"2024-01-15T19:44:20.807+0800","size":97427,"mimeType":"image/png","content":"https://jira.geedge.net/secure/attachment/50431/chrome%E6%8F%90%E7%A4%BA.png","thumbnail":"https://jira.geedge.net/secure/thumbnail/50431/_thumb_50431.png"},{"self":"https://jira.geedge.net/rest/api/2/attachment/50451","id":"50451","filename":"tango-ca-v3-trust-ca.pem","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=luwenpeng","name":"luwenpeng","key":"JIRAUSER10108","emailAddress":"luwenpeng@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=32"},"displayName":"卢文朋","active":true,"timeZone":"Asia/Shanghai"},"created":"2024-01-16T10:46:47.040+0800","size":3087,"mimeType":"application/x-x509-ca-cert","content":"https://jira.geedge.net/secure/attachment/50451/tango-ca-v3-trust-ca.pem"},{"self":"https://jira.geedge.net/rest/api/2/attachment/50429","id":"50429","filename":"安装证书位置.png","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=jiaojianzhi","name":"jiaojianzhi","key":"JIRAUSER10249","emailAddress":"jiaojianzhi@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10500","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10500","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10500","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10500"},"displayName":"焦建致","active":false,"timeZone":"Asia/Shanghai"},"created":"2024-01-15T19:44:21.520+0800","size":194789,"mimeType":"image/png","content":"https://jira.geedge.net/secure/attachment/50429/%E5%AE%89%E8%A3%85%E8%AF%81%E4%B9%A6%E4%BD%8D%E7%BD%AE.png","thumbnail":"https://jira.geedge.net/secure/thumbnail/50429/_thumb_50429.png"},{"self":"https://jira.geedge.net/rest/api/2/attachment/50430","id":"50430","filename":"证书详情.png","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=jiaojianzhi","name":"jiaojianzhi","key":"JIRAUSER10249","emailAddress":"jiaojianzhi@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10500","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10500","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10500","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10500"},"displayName":"焦建致","active":false,"timeZone":"Asia/Shanghai"},"created":"2024-01-15T19:44:20.859+0800","size":109851,"mimeType":"image/png","content":"https://jira.geedge.net/secure/attachment/50430/%E8%AF%81%E4%B9%A6%E8%AF%A6%E6%83%85.png","thumbnail":"https://jira.geedge.net/secure/thumbnail/50430/_thumb_50430.png"}],"aggregatetimeestimate":null,"resolutiondate":null,"workratio":-1,"summary":"【K18现场】TSG21.09 执行Intercept策略客户端提示证书无效","lastViewed":null,"watches":{"self":"https://jira.geedge.net/rest/api/2/issue/OMPUB-1113/watchers","watchCount":3,"isWatching":false},"creator":{"self":"https://jira.geedge.net/rest/api/2/user?username=jiaojianzhi","name":"jiaojianzhi","key":"JIRAUSER10249","emailAddress":"jiaojianzhi@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10500","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10500","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10500","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10500"},"displayName":"焦建致","active":false,"timeZone":"Asia/Shanghai"},"subtasks":[],"created":"2024-01-15T19:50:46.210+0800","reporter":{"self":"https://jira.geedge.net/rest/api/2/user?username=jiaojianzhi","name":"jiaojianzhi","key":"JIRAUSER10249","emailAddress":"jiaojianzhi@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10500","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10500","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10500","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10500"},"displayName":"焦建致","active":false,"timeZone":"Asia/Shanghai"},"customfield_10000":"{summaryBean=com.atlassian.jira.plugin.devstatus.rest.SummaryBean@3de39099[summary={pullrequest=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@3353db3b[overall=PullRequestOverallBean{stateCount=0, state='OPEN', details=PullRequestOverallDetails{openCount=0, mergedCount=0, declinedCount=0}},byInstanceType={}], build=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@725b8cb7[overall=com.atlassian.jira.plugin.devstatus.summary.beans.BuildOverallBean@5f7c1bc4[failedBuildCount=0,successfulBuildCount=0,unknownBuildCount=0,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], review=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@7f9be9be[overall=com.atlassian.jira.plugin.devstatus.summary.beans.ReviewsOverallBean@41f0b259[stateCount=0,state=<null>,dueDate=<null>,overDue=false,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], deployment-environment=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@6fe0b0e4[overall=com.atlassian.jira.plugin.devstatus.summary.beans.DeploymentOverallBean@50fd24e7[topEnvironments=[],showProjects=false,successfulCount=0,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], repository=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@708bf15f[overall=com.atlassian.jira.plugin.devstatus.summary.beans.CommitOverallBean@342de76d[count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], branch=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@5e20069c[overall=com.atlassian.jira.plugin.devstatus.summary.beans.BranchOverallBean@67c3dba3[count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}]},errors=[],configErrors=[]], devSummaryJson={\"cachedValue\":{\"errors\":[],\"configErrors\":[],\"summary\":{\"pullrequest\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"stateCount\":0,\"state\":\"OPEN\",\"details\":{\"openCount\":0,\"mergedCount\":0,\"declinedCount\":0,\"total\":0},\"open\":true},\"byInstanceType\":{}},\"build\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"failedBuildCount\":0,\"successfulBuildCount\":0,\"unknownBuildCount\":0},\"byInstanceType\":{}},\"review\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"stateCount\":0,\"state\":null,\"dueDate\":null,\"overDue\":false,\"completed\":false},\"byInstanceType\":{}},\"deployment-environment\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"topEnvironments\":[],\"showProjects\":false,\"successfulCount\":0},\"byInstanceType\":{}},\"repository\":{\"overall\":{\"count\":0,\"lastUpdated\":null},\"byInstanceType\":{}},\"branch\":{\"overall\":{\"count\":0,\"lastUpdated\":null},\"byInstanceType\":{}}}},\"isStale\":false}}","aggregateprogress":{"progress":0,"total":0},"customfield_10100":null,"priority":{"self":"https://jira.geedge.net/rest/api/2/priority/3","iconUrl":"https://jira.geedge.net/images/icons/priorities/medium.svg","name":"Medium","id":"3"},"customfield_10200":null,"customfield_10400":null,"labels":["K现场"],"environment":null,"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"duedate":null,"progress":{"progress":0,"total":0},"issuelinks":[],"comment":{"comments":[{"self":"https://jira.geedge.net/rest/api/2/issue/40159/comment/73314","id":"73314","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=luwenpeng","name":"luwenpeng","key":"JIRAUSER10108","emailAddress":"luwenpeng@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=32"},"displayName":"卢文朋","active":true,"timeZone":"Asia/Shanghai"},"body":"根据现场提供的截图可知，签发证书的CA是 CN = Tango Secure Gateway CA, O = Maserati Solution\r\n\r\n!证书详情.png|thumbnail!\r\n\r\n此CA证书与certstore-2.1.8.20210604.8077136 RPM安装包中内置CA[^tango-ca-v3-trust-ca.pem]证书的Subject: CN = Tango Secure Gateway CA, O = Maserati Solution一致。\r\n\r\n当certstore无法获取到keyring策略或者certstore出现异常时会使用内置的CA证书进行签发。\r\n\r\n \r\n\r\n建议排查拦截策略配置的keyring证书是否同步到对应的certstore，并检查对应的certstore是否有错误日志，请[~fengweihao]补充具体的排查步骤。","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=luwenpeng","name":"luwenpeng","key":"JIRAUSER10108","emailAddress":"luwenpeng@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/d86c22d3a05558b17fc1e70601ddf4a3?d=mm&s=32"},"displayName":"卢文朋","active":true,"timeZone":"Asia/Shanghai"},"created":"2024-01-16T10:50:30.284+0800","updated":"2024-01-16T10:50:30.284+0800"},{"self":"https://jira.geedge.net/rest/api/2/issue/40159/comment/73444","id":"73444","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=fengweihao","name":"fengweihao","key":"JIRAUSER10110","emailAddress":"fengweihao@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=32"},"displayName":"冯伟浩","active":true,"timeZone":"Asia/Shanghai"},"body":"错误日志查看：\r\n * 进入运行目录： cd /opt/tsg/certstore\r\n * 查看日志： tail -fn 100 logs/certstore.log.2024-xx-xx\r\n\r\n是否存在错误日志：\"Warning: Use local keypair, sign cert!!!\"\r\n\r\n排错步骤：\r\n * Keyring策略表PXY_PROFILE_KEYRING是否同步到功能端\r\n * Keyring策略表是否存在拦截策略中指定的keyring_id","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=fengweihao","name":"fengweihao","key":"JIRAUSER10110","emailAddress":"fengweihao@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=32"},"displayName":"冯伟浩","active":true,"timeZone":"Asia/Shanghai"},"created":"2024-01-17T15:06:01.083+0800","updated":"2024-01-17T15:06:01.083+0800"},{"self":"https://jira.geedge.net/rest/api/2/issue/40159/comment/73572","id":"73572","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=jiaojianzhi","name":"jiaojianzhi","key":"JIRAUSER10249","emailAddress":"jiaojianzhi@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10500","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10500","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10500","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10500"},"displayName":"焦建致","active":false,"timeZone":"Asia/Shanghai"},"body":"由于客户最近需要去STS机房工作，无法连接到这个测试环境处理问题，估计要到1月19或者1月22可以尝试解决。","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=jiaojianzhi","name":"jiaojianzhi","key":"JIRAUSER10249","emailAddress":"jiaojianzhi@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10500","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10500","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10500","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10500"},"displayName":"焦建致","active":false,"timeZone":"Asia/Shanghai"},"created":"2024-01-18T19:05:28.985+0800","updated":"2024-01-18T19:05:28.985+0800"}],"maxResults":3,"total":3,"startAt":0},"votes":{"self":"https://jira.geedge.net/rest/api/2/issue/OMPUB-1113/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"assignee":{"self":"https://jira.geedge.net/rest/api/2/user?username=fengweihao","name":"fengweihao","key":"JIRAUSER10110","emailAddress":"fengweihao@geedgenetworks.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/3bddeeb16a4306fa184f545ab7d34129?d=mm&s=32"},"displayName":"冯伟浩","active":true,"timeZone":"Asia/Shanghai"},"updated":"2024-02-22T10:48:18.528+0800","status":{"self":"https://jira.geedge.net/rest/api/2/status/10101","description":"","iconUrl":"https://jira.geedge.net/images/icons/status_generic.gif","name":"待办","id":"10101","statusCategory":{"self":"https://jira.geedge.net/rest/api/2/statuscategory/2","id":2,"key":"new","colorName":"blue-gray","name":"待办"}}}}