When structured run output is enabled the runs page displays "Error fetching plan data. Failed to fetch plan data: 500".
The structured run output uses the Terraform Enterprise backend certificates to complete this API request. The 500 error is typically due to a failure to complete the chain of trust when making outbound HTTPS connections due to expired or incorrectly configured certificates on the backend of Terraform Enterprise.
To determine the cause of the issue, connect to the ptfe_atlas container and grep for SSL_connect.
$ sudo docker logs ptfe_atlas | grep "SSL_connect"
It may produce an error similar to the following:
SSL_connect returned=1 errno=0 state=error: certificate verify failed (certificate has expired) excluded from capture: DSN not set
If there is an SSL_connect error then run the following command to determine how to resolve the certificate issue.
$ docker exec -it ptfe_atlas openssl s_client -showcerts -connect <TFE-HOSTNAME>:443
In the case below, the verify error shows that the root certificate has expired. The Terraform Enterprise application will need updated certificates in the CA bundle in order to resolve this issue. Once the certificates have been updated, restart the application so the containers can get the updated certificates. Once that process is completed, run the openssl command again to verify that the errors are resolved.
CONNECTED(00000003) depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3 verify error:num=10:certificate has expired notAfter=Sep 30 14:01:15 2021 GMT verify return:1 depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3 notAfter=Sep 30 14:01:15 2021 GMT verify return:1
- For additional questions please contact HashiCorp Support.