Error in configuration of gen3 client

/dataclient_linux$ ./gen3-client configure --profile=democdac --cred=/credentials_1.json --apiendpoint=

2020/02/25 17:51:53 Error occurred when validating profile config: Error occurred in RequestNewAccessKey: Error occurred during making HTTP request: Post /user/credentials/api/access_token: x509: certificate signed by unknown authority

This is the error we r getting for configuration,

Hi @s-ankita! Welcome to the forum!

From your post it is unclear if you are trying to run gen3-client against Compose Services locally on your own laptop/station, or on the server, or against Cloud Automation?

If you are running Compose Services, probably the error appears due to self-signed certificate. As a first step I would suggest to add self-signed certificate to your trusted certificates. Steps may vary depending on OS you use.


We will try adding the self-signed certificate.

We added the certificate.
Profile configured successfully. Thanks.

But now how to give access to this profile so that we can upload the data.

Is there any default admin account? we have logged in to the server using gmail only and cant see anything to grant access to the user profiles.

Hi @s-ankita!

User privileges are configured in the user.yaml file. Please follow these instructions to grant yourself admin access

We r trying to upload using gen3 client CLI
./gen3-client upload --profile=demo --upload-path=file1.txt

But we r getting error and r not able to find the reason.
ERR msg:
You don't have permission to upload data, detailed error message: 503 Service Unavailable error has occurred! Please check backend services for more details

user.yaml is now synced, we can see all permissions when auth command is run.

In the tutorials online, List of projects r displayed when submit data is clicked.
below is the tutorial,

1. Prepare Project in Submission Portal

In order to upload data files, at least one record in the core_metadata_collection node must exist. If your project already has at least one record in this node, you can skip to step 2 below.

Do the following to create your first core_metadata_collection record:

  1. Go to your data commons’ submission portal website
  2. Click on ‘Submit Data’
  3. Find your project in the List of Projects and click ‘Submit Data’
  4. Click ‘Use Form Submission’ and choose core_metadata_collection from the dropdown list (or edit and upload this TSV by clicking ‘Upload File’ then ‘Submit’)
  5. Fill in the required information (see Note below)
  6. Click ‘Upload submission json from form’ and then ‘Submit’
  7. Make note of the submitter_id of your core_metadata_collection record for step 3 below

So, as per step 3 we cant see any list of projects.
I am logged in using gmail which is now admin (done as u suggested above)

What r these projects, where and who is creating them, We cant see anything there, hence cant move ahead with uploading may be...

Hi Ankita!

Programs and projects are required nodes by Gen3 Commons, and Gen3 commons administrators can create them from the portal interface. You can find instructions on how to create a program and a project here: After creating new programs and projects, it is recommended to update user.yaml file to grant yourself or other users access to these new projects.


I did try these steps to creat Program and Project,
When I submitted the form for Project i.e
visiting the /_root, i selected form submission for Program
Added the values for 2 fields DBgap_accession number and Name

But on submission I got an error 401: unauthentication error (saw this in dev tools the response )

{"message":"Authentication Error: invalid issuer; expected: ['https://localhost/user', 'http://fence-service/']"}

Whereas in user.yaml file my user email I have set admin:true
is there any configuration part I am missing ?

Another thing is, while using Gen3-client CLI, to upload a data-file

2020/04/15 16:43:31 You don't have permission to upload data, detailed error message: 503 Service Unavailable error has occurred! Please check backend services for more details

2020/04/15 16:43:31 Retry upload has started...
2020/04/15 16:43:31 1 records has been sent to the retry channel

Although, I can see the permissions to the profile using auth command, But cant upload,
If u can please let me know what am i missing?

Below is the error in the fence-service logs at the backend, when we try to upload the data using gen3-client CLI

Details: {'message': 'Fail to reach AWS: An error occurred (RequestTimeTooSkewed) when calling the GetBucketLocation operation: The difference between the request time and the current time is too large.'}

Hi Ankita!

Would you mind to send logs so I can understand better what is going on? Here are instructions on how to create a log archive.

Also, I wonder if you would like to join our slack channel, where Gen3 developers and Gen3 enthusiasts share their expirience in setting up / configuring / using Gen3.

Yes sure, I would like to join the slack channel, you can send the invite.

Here are the logs u asked for

Hi Ankita!
We sent you an invite to the slack :slight_smile:
Thank you for providing logs.

@s-ankita, could you please check value of a hostname field in your sheepdog_creds.json and peregrine_creds.json files inside in your Secrets folder?

Got The Invite, Thank you :slightly_smiling_face: