RE: SSL errors

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

The ping is still failing, DNS looks fine...
Here is the exact error when running

Func funcy.example.com call system list_modules

{'funcy.example.com': ['REMOTE_ERROR',
                       'OpenSSL.SSL.Error',
                       "[('SSL routines', 'SSL3_READ_BYTES', 'sslv3
alert bad certificate'), ('SSL routines', 'SSL3_WRITE_BYTES', 'ssl
handshake failure')]",
                       '  File
"/usr/lib/python2.4/site-packages/func/overlord/client.py", line 433, in
process_server\n    retval = getattr(conn, meth)(*args[:])\n   File
"/usr/lib64/python2.4/xmlrpclib.py", line 1096, in __call__\n    return
self.__send(self.__name, args)\n   File
"/usr/lib64/python2.4/xmlrpclib.py", line 1383, in __request\n
verbose=self.__verbose\n   File "/usr/lib64/python2.4/xmlrpclib.py",
line 1129, in request\n    self.send_content(h, request_body)\n   File
"/usr/lib64/python2.4/xmlrpclib.py", line 1243, in send_content\n
connection.endheaders()\n   File "/usr/lib64/python2.4/httplib.py", line
798, in endheaders\n    self._send_output()\n   File
"/usr/lib64/python2.4/httplib.py", line 679, in _send_output\n
self.send(msg)\n   File "/usr/lib64/python2.4/httplib.py", line 658, in
send\n    self.sock.sendall(str)\n   File
"/usr/lib/python2.4/site-packages/certmaster/SSLConnection.py", line
109, in sendall\n    sent = con.send(data, flags)\n']}

-----Original Message-----
From: Adrian LIkins [mailto:alikins@xxxxxxxxxx] 
Sent: Tuesday, May 05, 2009 12:28 PM
To: Wells, David J
Cc: func-list@xxxxxxxxxx
Subject: Re:  SSL errors

Wells, David J wrote:
>
> List,
>
> func "*" ping fails on 1 client
>
> /var/log/func/func/log contains
>
> Debug for cn: acls and hostkey for the client with a return code for 
> test.ping: 1. How can I gather more info?
>

Whats the minion/overlord setup?

Is certmaster running? is the value of "certmaster" in 
/etc/certmaster/minion.conf pointing at the machine thats running
certmaster?

Does running "certmaster-ca --list" on the certmaster show any cert 
requests?

Can the minion reach the right port on certmaster (51235)? is the port 
blocked by firewall?

Adrian

_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
[Index of Archives]     [Fedora Users]     [Linux Networking]     [Fedora Legacy List]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux