https://serverless-stack.com/ logo
Join Slack
Powered by
I’m suddenly seeing this on every API request (loc...
# help
s
I’m suddenly seeing this on every API request (locally)
Copy code
Warning: Ignoring extra certs from `/etc/pki/tls/certs/ca-bundle.crt`, load failed: error:02001002:system library:fopen:No such file or directory
anyone know what this is?
/etc/pki
doesn’t even exist on my system 😳
I’m gonna reboot
crap, that didn’t fix it
wow. this is gonna drive me crazy
enabling debugging, I get this. not sure if it’s something with npm/npx maybe? @thdxr what npx command is being spawned there, do you know?
t
Yeah that npx spawn is spawning the local process to run your lambda code
This is bizarre, I looked up the error and only found really obscure things
did you try nuking node modules?
s
yeah, tried that first
I could totally wipe my node install & reinstall that
while I’m at it, I’ll nuke nvm and replace it with fnm
t
I keep seeing people mention https://volta.sh/
s
cool, I’ll check that out! thanks
huh. so Volta lets you install stuff like yarn, node, any other global tools.. so they’re not tied to a specific node install/version?
this seems pretty badass 🤔
well, it didn’t fix my problem. but hey, Volta is super cool and I’ll keep using it 😄
o
I’m getting the same thing btw:
Copy code
Warning: Ignoring extra certs from `/etc/pki/tls/certs/ca-bundle.crt`, load failed: error:02001002:system library:fopen:No such file or directory
t
This is bizarre, no upgrades lately?
s
whoa, weird
here’s a clue: it only happens on cold starts, I believe
no updates to serverless stack, no
@Omi Chowdhury what version of macOS are you on? I’m on 11.6
o
11.6 (20G165)
I did recently upgrade to big sur (11.6)
s
I’ve been on 11.6 for quite a while, no issues like this
o
but I think the issue wasn’t happening after that
s
is it possible AWS changed something on their end to cause this?
I wonder if this is a remote error coming through the CLI. because like I said, there is no 
/etc/pki
folder on my machine
crap, my sst debug process just froze up
last few lines in my debug log:
Copy code
[2021-11-04T23:16:17.836] [INFO] client - 4c68edc1-57b9-4732-b4ca-54abc8277490 RESPONSE {"statusCode":200,"body":"{\"items\":[],\"total\":0}","headers":{"Content-Type":"application/json"}}
[2021-11-04T23:16:17.837] [DEBUG] client - Sending payload via WebSocket
[2021-11-04T23:16:17.839] [DEBUG] client - Worker waiting for function 30b7a2cf
[2021-11-04T23:17:02.723] [DEBUG] websocket - Sending keep-alive call
not even ^C kills the process
@thdxr I can say with confidence that the warning only shows up on a cold start
or.. the first time I hit one of my API routes, I should say. (in live debug mode)
so whatever magic is going on upon that first function call, seems like that’s causing it
s
weird. Seeing exact same warning on mine too! Can second @Sam Hulick that it seems to only show on cold start. no recent updates to SST or mac.
s
I'm getting the same error 😕
j
https://aws.amazon.com/premiumsupport/knowledge-center/ec2-expired-certificate/ -- Seems like a Let's Encrypt issue coming from the underlying compute used to power AWS Lambda ? The problem is... that's supposed to be on AWS' turf based on the Shared Responsibility Model for serverless. 😅
t
I can't recreate this error since I'm on linux but can someone do the following: 1. Run sst start 2. Run this command 
AWS_LAMBDA_RUNTIME_API="localhost:12577/test" ./node_modules/@serverless-stack/aws-lambda-ric/bin/index.js .build/src/node/function.handler
- replace the path of function handler to a built function in your project (any one will do) 3. It should just hang but tell me if you see the error either in this command's console or sst start's console
a
same here, also have this tupid warning
s
@thdxr I’m on it. lemme try that
er.. I’m not sure what to supply for my function path. I don’t even have a 
.build/src
folder
oh wait. my code is in 
.build/sourcemaps/src
. ok hang on
nope. ok.. I’m confused about that last argument. is it supposed to be a file? or just a function name?
o
It's the same format as when you specify a lambda handler - file-path.functionName
s
yeah but I have a funky config with a different srcPath
well, srcPath is 
src
. here’s the API def:
Copy code
'GET /countries': 'lambda/rest/functions/get-countries.main',
and that lives in 
src/lambda/rest/functions/get-countries.ts
I’ve tried every combination I can think of, nothing works.. I just get 
Error: Cannot find module 'get-countries'
o
What's in your .build folder
s
Copy code
.build
├── cdk.out
├── eslint.js
├── lambda-handlers.json
├── lib
├── run.js
├── sourcemaps
├── sst-debug.log
├── sst-merged.json
├── static-site-environment-output-keys.json
└── static-site-environment-output-values.json

3 directories, 7 files
aha!
it had to be the full path to the .js file (in sourcemaps) but 
get-countries.main
. ok. yes, it the command did lock up. but I don’t see any messages in the console, nor the debug log
sorry Dax, I dunno how helpful that info was 😅
t
That is helpful! That lets me know the error is happening in SST and not in the runtime
what I was trying to find out
o
I tried to run that command, but couldn’t find the location of 
aws-lambda-ric
, but I don’t see the warning on sst start anymore
t
lol
what is going on!!!
s
sorry man 😕 those kinds of errors are the worst. super hard to pin down
t
I'm gonna borrow my fiance's iMac later and see
s
seems like this is something on AWS’s end, no? because that folder doesn’t exist locally. I would think it’s coming from somewhere remote
t
does that error happen before you invoke any functions?
or only after you invoke it
s
nope
it happens only upon the 1st invocation of a function
subsequent invocations of the same function are totally fine
t
I'm tracing through what happens when you invoke a function and afaik we don't even talk to aws directly for that process
s
it’s possible the error could also be a weird baked-in error message in an openSSL library or something related to it
t
Is it first invoke per function or first invoke period
s
it appears to be when a cold start occurs. so first invocation within a certain period of time
oddly enough, if I kill the sst start process and restart it, then hit a route I just hit seconds ago, I get the warning again
no way the function went cold that fast, unless there was a code deploy which freezes the Lambda function
t
The cold start you're saying is your "local" cold start
the process being spawned for the first time
s
yeah
so here’s a call to 
GET /reels
, after starting up the live debug process:
Copy code
16052683-5628-45f6-a5a5-369186c7470a REQUEST dev-microservices-api-reels-getReels [src/lambda/rest/functions/get-reels.main] invoked by API GET /reels
Warning: Ignoring extra certs from `/etc/pki/tls/certs/ca-bundle.crt`, load failed: error:02001002:system library:fopen:No such file or directory
16052683-5628-45f6-a5a5-369186c7470a RESPONSE {"statusCode":200,"body":"{\"items\":[{\"id\":\"b8faea94-5f7a-4cf5-8bc0-a6ba5c20e486\",\"name\":\"asdf\",\"active_version\":0,\"created_at\"... 247 more characters","headers":{"Content-Type":"application/json"}}
and when I hit that route the 2nd time:
Copy code
b6d89a95-382c-4537-88ce-af372d162044 REQUEST dev-microservices-api-reels-getReels [src/lambda/rest/functions/get-reels.main] invoked by API GET /reels
b6d89a95-382c-4537-88ce-af372d162044 RESPONSE {"statusCode":200,"body":"{\"items\":[{\"id\":\"b8faea94-5f7a-4cf5-8bc0-a6ba5c20e486\",\"name\":\"asdf\",\"active_version\":0,\"created_at\"... 247 more characters","headers":{"Content-Type":"application/json"}}
t
can you snag that part of the debug.log for me
s
you mean the 1st func call & the 2nd?
p
Was there any resolution here?
s
not yet
4 Views
Open in Slack
PreviousNext
Powered by