Signature is invalid

I’m seeing this message in the logs:

level=error msg=“while pushing to api : failed sending alert to LAPI: API error: signature is invalid”

What does that mean?


It might mean that your crowdsec is pushing to lapi but the jwt token is expired. When/how does this happen and/or do you know how to reproduce it ?

I’m running the api on a central machine, and 3 clients connecting.
I have been experiencing crowdsec crashes on the master machine, that is reproducable by doing cscli decisions list + hitting ctrl-c, it’s much better on version 1.09, I was getting spontaneous crashes with 1.07.
I can tell from the datetime of the “signature is invalid” error that the master api had been running for about 10 minutes so maybe a stale token like you said…
When everything runs stable, I’ll let it run for a few days and see if it reoccurs…