Automation Suite - Logging in to monitoring pages (https://monitoring.fqdn/metrics) returns 403 error

system · January 3, 2025, 4:27pm

How to fix 403 error occuring in Automation Suite while logging in to monitoring pages (https://monitoring.fqdn/metrics)?

In Automation Suite, while trying to access https://monitoring.fqdn/metrics URL, a 403 error occurs:

First, check the pod logs using `kubectl logs -f` and `kubectl describe pod` for a pod named `auth-oauth2-proxy-xxxxx` under the `uipath-auth` namespace.
Look for an error message like: `callback: token exchange failed: Post "https://monitoring.as.domain.com/dex/token": x509: certificate signed by unknown authority.`
If the error matches, follow these steps:
1. It seems the AS certificate has been updated to a company-issued or public certificate.
2. Open the AS link in a browser, locate the root certificate, and export it to a `.crt` or `.cer` file.
3. Move the exported certificate to the AS server nodes and place it in `/etc/pki/ca-trust/source/anchors`.
4. Run `update-ca-trust` on all nodes.
5. Return to any server node and use the `kubectl` command to restart the `auth-oauth2-proxy` deployment.

kubectl -n uipath-auth rollout restart deploy auth-oauth2-proxy

1. Try logging in again using a fresh incognito window to access the monitoring pages.

Topic		Replies	Views
Automation Suite - Troubleshooting - Error while contacting partition service to validate the organization (#401) Knowledge Base automation_suite_deployment_and_operatio	0	19	January 3, 2025
Loading Certificate Authority ( /etc/gateway-cert/ca.crt) Failed Knowledge Base automation_suite_deployment_and_operatio , 2023_4_2	0	1	January 3, 2025
Swagger UI - 401 You Are Not Authorized Knowledge Base orchestrator	0	53	January 3, 2025
Get Audit Logs API returns UnsupportedApiVersion Automation Suite	5	52	February 3, 2025
OpenAPI unable to work Activities uiautomation	2	913	March 25, 2021