Update exception message

author: Martin Polden <mpolden@mpolden.no> 2019-10-10 13:24:55 +0200
committer: Martin Polden <mpolden@mpolden.no> 2019-10-10 13:50:50 +0200
commit: b25cdf78899ea1f7a71a0a997cb9d11691390be2 (patch)
tree: fc4bfd83e4e16905a6fc9d5c694758d4aef4220d /athenz-identity-provider-service
parent: c1670f5b33c5bf3d2b8161b4a1b73f17eb685999 (diff)
2 files changed, 4 insertions, 3 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiHandler.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiHandler.java
index 89a3170744d..1b9bdcdb987 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiHandler.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiHandler.java
@@ -92,8 +92,9 @@ public class CertificateAuthorityApiHandler extends LoggingRequestHandler {
         var instanceRefresh = deserializeRequest(request, InstanceSerializer::refreshFromSlime);
         var instanceIdFromCsr = Certificates.instanceIdFrom(instanceRefresh.csr());
         if (!instanceIdFromCsr.equals(instanceId)) {
-            throw new IllegalArgumentException("Mismatched instance ID and SAN DNS name [instanceId=" + instanceId +
-                                               ",instanceIdFromCsr=" + instanceIdFromCsr + "]");
+            throw new IllegalArgumentException("Mismatch between instance ID in URL path and instance ID in CSR " +
+                                               "[instanceId=" + instanceId + ",instanceIdFromCsr=" + instanceIdFromCsr +
+                                               "]");
         }
         var certificate = certificates.create(instanceRefresh.csr(), caCertificate(), caPrivateKey());
         var identity = new InstanceIdentity(provider, service, instanceIdFromCsr, Optional.of(certificate));
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiTest.java
index 21b1e392702..e377009b18c 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/ca/restapi/CertificateAuthorityApiTest.java
@@ -92,7 +92,7 @@ public class CertificateAuthorityApiTest extends ContainerTester {
 
         // POST instance refresh where instanceId does not match CSR dnsName
         csr = CertificateTester.createCsr(List.of("node1.example.com", INSTANCE_ID_WITH_SUFFIX));
-        assertResponse(400, "{\"error-code\":\"BAD_REQUEST\",\"message\":\"POST http://localhost:12345/ca/v1/instance/vespa.external.provider_prod_us-north-1/vespa.external/tenant/foobar failed: Mismatched instance ID and SAN DNS name [instanceId=foobar,instanceIdFromCsr=1.cluster1.default.app1.tenant1.us-north-1.prod.node]\"}",
+        assertResponse(400, "{\"error-code\":\"BAD_REQUEST\",\"message\":\"POST http://localhost:12345/ca/v1/instance/vespa.external.provider_prod_us-north-1/vespa.external/tenant/foobar failed: Mismatch between instance ID in URL path and instance ID in CSR [instanceId=foobar,instanceIdFromCsr=1.cluster1.default.app1.tenant1.us-north-1.prod.node]\"}",
                        new Request("http://localhost:12345/ca/v1/instance/vespa.external.provider_prod_us-north-1/vespa.external/tenant/foobar",
                                    instanceRefreshJson(csr),
                                    Request.Method.POST));
author	Martin Polden <mpolden@mpolden.no>	2019-10-10 13:24:55 +0200
committer	Martin Polden <mpolden@mpolden.no>	2019-10-10 13:50:50 +0200
commit	b25cdf78899ea1f7a71a0a997cb9d11691390be2 (patch)
tree	fc4bfd83e4e16905a6fc9d5c694758d4aef4220d /athenz-identity-provider-service
parent	c1670f5b33c5bf3d2b8161b4a1b73f17eb685999 (diff)