[
https://issues.apache.org/jira/browse/MESOS-10218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17315508#comment-17315508
]
prasadkulkarni0711 edited comment on MESOS-10218 at 4/6/21, 12:53 PM:
----------------------------------------------------------------------
hi [~apeters]
yes, the UI opens up on HTTPS but keeps giving the pop-up of failed to
connect, retrying until I add the CA cert(self-signed) as a trusted cert to my
laptop. After that, the pop-up doesn't come up again, but the sandbox fails to
open as mentioned.
{code:java}
LIBPROCESS_SSL_ENABLED=true
LIBPROCESS_SSL_VERIFY_CERT=false
LIBPROCESS_SSL_KEY_FILE=/etc/mesos/conf/ssl/server.key
LIBPROCESS_SSL_CERT_FILE=/etc/mesos/conf/ssl/server.pem
LIBPROCESS_SSL_REQUIRE_CERT=false
{code}
had tried the above settings, the Mesos slave itself doesn't connect to the
master with error:
Failed to accept socket: Failed accept: connection error: error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request
Our server and CA cert are self signed
was (Author: prasadkulkarni0711):
hi [~apeters]
yes, the UI opens up on HTTPS but keeps giving the pop-up of failed to connect,
retrying until I add the CA cert(self-signed) as a trusted cert to my laptop.
After that, the pop-up doesn't come up again, but the sandbox fails to open as
mentioned.
LIBPROCESS_SSL_ENABLED=trueLIBPROCESS_SSL_VERIFY_CERT=falseLIBPROCESS_SSL_KEY_FILE=/etc/mesos/conf/ssl/server.key
LIBPROCESS_SSL_CERT_FILE=/etc/mesos/conf/ssl/server.pem
LIBPROCESS_SSL_REQUIRE_CERT=false
had tried the above settings, the Mesos slave itself doesn't connect to the
master with error:
Failed to accept socket: Failed accept: connection error: error:1407609C:SSL
routines:SSL23_GET_CLIENT_HELLO:http request
Our server and CA cert are self signed
> Mesos slave fails to connect after enabling ssl
> -----------------------------------------------
>
> Key: MESOS-10218
> URL: https://issues.apache.org/jira/browse/MESOS-10218
> Project: Mesos
> Issue Type: Bug
> Components: agent
> Affects Versions: 1.9.0
> Reporter: prasadkulkarni0711
> Priority: Major
>
> Mesos agent fails to connect to the master after setting the following
> variables:
> LIBPROCESS_SSL_ENABLED=1
> LIBPROCESS_SSL_KEY_FILE=/etc/mesos/conf/ssl/server.key
> LIBPROCESS_SSL_CERT_FILE=/etc/mesos/conf/ssl/server.pem
> LIBPROCESS_SSL_REQUIRE_CERT=false
> LIBPROCESS_SSL_VERIFY_SERVER_CERT=false
> LIBPROCESS_SSL_REQUIRE_CLIENT_CERT=false
> LIBPROCESS_SSL_HOSTNAME_VALIDATION_SCHEME=openssl
> LIBPROCESS_SSL_VERIFY_CERT=false
> LIBPROCESS_SSL_CA_DIR=/etc/mesos/conf/ssl
> LIBPROCESS_SSL_CA_FILE=/etc/mesos/conf/ssl/ca.pem
> LIBPROCESS_SSL_SUPPORT_DOWNGRADE=false
> LIBPROCESS_SSL_VERIFY_IPADD=false
> #LIBPROCESS_SSL_ENABLE_TLS_V1_2=true
> Error in logs:
> Failed to accept socket: Failed accept: connection error: error:1407609C:SSL
> routines:SSL23_GET_CLIENT_HELLO:http request
> Connectivity works after setting:
> LIBPROCESS_SSL_SUPPORT_DOWNGRADE=true
> But then the sandbox fails to open in the web UI:
> Potential reasons:
> * The agent is not accessible
> * The agent timed out or went offline
> With the following error in the logs:
> Failed to recv on socket 38 to peer 'unknown': Failed recv, connection error:
> Connection reset by peer
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
