Replying here since I am unable to see the original mail in my mailbox: If you have renamed the agent.jks file and are able to re-establish contact (you've said the agent is idle for 10-15 minutes), then please try the following: 1. Disable the agent and then enable it again. 2. If removing it and adding it back is an option, then please do so 3. Uninstall the agent and then reinstall it.
I have had to do (2) and (3) above when the agent bootstrapper was so far outdated from the server that just the built-in agent auto-update was not enough. Separately, did you update your Java installation? That once led me to have to delete the agent.jks like you have had to. -- Sriram On Mon, May 2, 2022 at 4:41 PM Chad Wilson <[email protected]> wrote: > Hello > > This seems like an old GoCD version that you are running - are you able to > report what version your server and agents are? > > It might be a bit difficult to provide great suggestions for these older > versions, since the in-built TLS support for GoCD was replaced in GoCD > 20.2.0 <https://github.com/gocd/gocd/issues/7872> and the communications > mechanism between server and agent was changed in GoCD 21.1.0 meaning it's > a bit tough to recall all the details here. > > I have a few questions though: > > - Did something change in your setup (agent or servers) after which > this started happening? > - Are all agents having problems or only a subset of agents? > - What do the server logs say at the same time as the agent has these > errors? > > I am completely guessing, since I am not familiar with GoCD's old TLS/mTLS > setup, but this might mean certificates have expired somewhere and your > agent has somehow lost trust in the server (or vice versa - the server no > longer trusts the agent). To know why that is would require a bit more > digging though. > > -Chad > > > On Sat, Apr 30, 2022 at 3:13 AM Obiageli Adegbite <[email protected]> > wrote: > >> My Window 2019 Agent Keeps loosing contact, due to SSL Handshake errors, >> when I delete/rename the agent.jks file it goes to idle and after 10 -15 >> minutes returns to lost contact what can i do? >> >> Error Message >> 04-29 14:20:46,308 ERROR [scheduler-2] AgentHTTPClientController:103 - >> Error occurred when agent tried to ping server: >> org.springframework.remoting.RemoteAccessException: Could not access HTTP >> invoker remote service at [ >> https://go.dev.scitorque.com:8154/go/remoting/remoteBuildRepository]; >> nested exception is javax.net.ssl.SSLHandshakeException: Received fatal >> alert: certificate_unknown >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.convertHttpInvokerAccessException(HttpInvokerClientInterceptor.java:226) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:153) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> at com.sun.proxy.$Proxy8.ping(Unknown Source) >> at >> com.thoughtworks.go.agent.AgentHTTPClientController.ping(AgentHTTPClientController.java:98) >> at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at >> org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:65) >> at >> org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) >> at >> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) >> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) >> at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) >> at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >> at java.lang.Thread.run(Thread.java:745) >> Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: >> certificate_unknown >> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >> at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) >> at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023) >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) >> at >> org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) >> at >> org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) >> at >> org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) >> at >> org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) >> at >> org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:394) >> at >> org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) >> at >> org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) >> at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) >> at >> org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) >> at >> org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) >> at >> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) >> at >> com.thoughtworks.go.agent.common.ssl.GoAgentServerHttpClient.execute(GoAgentServerHttpClient.java:54) >> at >> com.thoughtworks.go.agent.GoHttpClientHttpInvokerRequestExecutor.doExecuteRequest(GoHttpClientHttpInvokerRequestExecutor.java:78) >> at >> org.springframework.remoting.httpinvoker.AbstractHttpInvokerRequestExecutor.executeRequest(AbstractHttpInvokerRequestExecutor.java:137) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:202) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:184) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:150) >> ... 16 common frames omitted >> 2022-04-29 14:20:48,718 ERROR [scheduler-1] AgentUpgradeService:92 - >> [Agent Upgrade] Couldn't connect to: >> https://go.dev.scitorque.com:8154/go/admin/latest-agent.status: >> javax.net.ssl.SSLHandshakeException: Received fatal alert: >> certificate_unknown >> 2022-04-29 14:20:48,718 ERROR [scheduler-1] AgentController:91 - [Agent >> Loop] Error occurred during loop: >> javax.net.ssl.SSLHandshakeException: Received fatal alert: >> certificate_unknown >> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >> at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) >> at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023) >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) >> at >> org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) >> at >> org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) >> at >> org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) >> at >> org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) >> at >> org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:394) >> at >> org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) >> at >> org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) >> at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) >> at >> org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) >> at >> org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) >> at >> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) >> at >> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108) >> at >> com.thoughtworks.go.agent.common.ssl.GoAgentServerHttpClient.execute(GoAgentServerHttpClient.java:49) >> at >> com.thoughtworks.go.agent.service.AgentUpgradeService.checkForUpgradeAndExtraProperties(AgentUpgradeService.java:80) >> at >> com.thoughtworks.go.agent.service.AgentUpgradeService.checkForUpgradeAndExtraProperties(AgentUpgradeService.java:73) >> at >> com.thoughtworks.go.agent.AgentController.loop(AgentController.java:83) >> at sun.reflect.GeneratedMethodAccessor7.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at >> org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:65) >> at >> org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) >> at >> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) >> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) >> at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) >> at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >> at java.lang.Thread.run(Thread.java:745) >> 2022-04-29 14:20:51,393 ERROR [scheduler-3] AgentHTTPClientController:103 >> - Error occurred when agent tried to ping server: >> org.springframework.remoting.RemoteAccessException: Could not access HTTP >> invoker remote service at [ >> https://go.dev.scitorque.com:8154/go/remoting/remoteBuildRepository]; >> nested exception is javax.net.ssl.SSLHandshakeException: Received fatal >> alert: certificate_unknown >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.convertHttpInvokerAccessException(HttpInvokerClientInterceptor.java:226) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:153) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> at com.sun.proxy.$Proxy8.ping(Unknown Source) >> at >> com.thoughtworks.go.agent.AgentHTTPClientController.ping(AgentHTTPClientController.java:98) >> at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at >> org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:65) >> at >> org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) >> at >> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) >> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) >> at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) >> at >> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >> at java.lang.Thread.run(Thread.java:745) >> Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: >> certificate_unknown >> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) >> at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) >> at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023) >> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125) >> at >> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) >> at >> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) >> at >> org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:396) >> at >> org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:355) >> at >> org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142) >> at >> org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:373) >> at >> org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:394) >> at >> org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:237) >> at >> org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:185) >> at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89) >> at >> org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110) >> at >> org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) >> at >> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) >> at >> com.thoughtworks.go.agent.common.ssl.GoAgentServerHttpClient.execute(GoAgentServerHttpClient.java:54) >> at >> com.thoughtworks.go.agent.GoHttpClientHttpInvokerRequestExecutor.doExecuteRequest(GoHttpClientHttpInvokerRequestExecutor.java:78) >> at >> org.springframework.remoting.httpinvoker.AbstractHttpInvokerRequestExecutor.executeRequest(AbstractHttpInvokerRequestExecutor.java:137) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:202) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:184) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:150) >> ... 16 common frames omitted >> 2022-04-29 14:20:56,476 ERROR [scheduler-1] AgentHTTPClientController:103 >> - Error occurred when agent tried to ping server: >> org.springframework.remoting.RemoteAccessException: Could not access HTTP >> invoker remote service at [ >> https://go.dev.scitorque.com:8154/go/remoting/remoteBuildRepository]; >> nested exception is javax.net.ssl.SSLHandshakeException: Received fatal >> alert: certificate_unknown >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.convertHttpInvokerAccessException(HttpInvokerClientInterceptor.java:226) >> at >> org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:153) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> at com.sun.proxy.$Proxy8.ping(Unknown Source) >> at >> com.thoughtworks.go.agent.AgentHTTPClientController.ping(AgentHTTPClientController.java:98) >> at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at >> org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:65) >> at >> org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) >> at >> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) >> at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) >> >> kindly help >> >> -- >> You received this message because you are subscribed to the Google Groups >> "go-cd" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/go-cd/3625794c-735f-4459-ade5-5eff14343145n%40googlegroups.com >> <https://groups.google.com/d/msgid/go-cd/3625794c-735f-4459-ade5-5eff14343145n%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- > You received this message because you are subscribed to the Google Groups > "go-cd" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/go-cd/CAA1RwH8i74LrdHSUV9f5u-JBe%2BG-2uigjnP9dyV1zPtbwATTuw%40mail.gmail.com > <https://groups.google.com/d/msgid/go-cd/CAA1RwH8i74LrdHSUV9f5u-JBe%2BG-2uigjnP9dyV1zPtbwATTuw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "go-cd" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/go-cd/CANiY96ZFqjGG1qvgqpK_mMK8Os57zx8%2B%2BbzscH-LJofZTr%3Dj6A%40mail.gmail.com.
