You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@mesos.apache.org by Marc Roos <M....@f1-outsourcing.eu> on 2019/02/16 14:51:48 UTC

Browser ssl client issues

When I connect to the mesos master on 5050, the browser complains with 
failed to connect 

And these appear in the logs

m01 mesos-master[25419]: W0216 15:47:33.271518 25451 process.cpp:902] 
Failed to accept socket: Failed accept: connection error: 
error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca
Feb 16 15:47:33 m01 mesos-master[25419]: W0216 15:47:33.271518 25451 
process.cpp:902] Failed to accept socket: Failed accept: connection 
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca
Feb 16 15:47:33 m01 mesos-master[25419]: W0216 15:47:33.361251 25451 
process.cpp:902] Failed to accept socket: Failed accept: connection 
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca
Feb 16 15:47:33 m01 mesos-master[25419]: W0216 15:47:33.361251 25451 
process.cpp:902] Failed to accept socket: Failed accept: connection 
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca

Do I need to start using a client certificate in the browser to resolve 
this?

RE: Browser ssl client issues

Posted by Marc Roos <M....@f1-outsourcing.eu>.

 



Anyone? The custom-ca used here is the same for the master - 
slaves/agents communication, that seems to be going fine. Is there a 
alternate custom configurable ca path for https clients on port 5050?



-----Original Message-----

Sent: 16 February 2019 16:25
To: user
Subject: RE: Browser ssl client issues

 

I think I created correctly a browser client certificate. Same way I 
created the certificates and keys for the mesos nodes. Except converted 
to p12 to import in firefox and using the internal hostname from where I 
am connecting. I am also getting the popup in ff to select a client 
certificate, but still these errors appear

W0216 16:22:19.478197 28966 process.cpp:902] Failed to accept socket: 
Failed accept: connection error: error:14094418:SSL
routines:ssl3_read_bytes:tlsv1 alert unknown ca



-----Original Message-----
Sent: 16 February 2019 15:52
To: user
Subject: Browser ssl client issues


When I connect to the mesos master on 5050, the browser complains with 
failed to connect 

And these appear in the logs

m01 mesos-master[25419]: W0216 15:47:33.271518 25451 process.cpp:902] 
Failed to accept socket: Failed accept: connection error: 
error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.271518 25451 process.cpp:902] Failed 

to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.361251 25451 process.cpp:902] Failed 

to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.361251 25451 process.cpp:902] Failed 

to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca

Do I need to start using a client certificate in the browser to resolve 
this?

RE: Browser ssl client issues

Posted by Marc Roos <M....@f1-outsourcing.eu>.

 

I think I created correctly a browser client certificate. Same way I 
created the certificates and keys for the mesos nodes. Except converted 
to p12 to import in firefox and using the internal hostname from where I 
am connecting. I am also getting the popup in ff to select a client 
certificate, but still these errors appear

W0216 16:22:19.478197 28966 process.cpp:902] Failed to accept socket: 
Failed accept: connection error: error:14094418:SSL 
routines:ssl3_read_bytes:tlsv1 alert unknown ca



-----Original Message-----
Sent: 16 February 2019 15:52
To: user
Subject: Browser ssl client issues


When I connect to the mesos master on 5050, the browser complains with 
failed to connect 

And these appear in the logs

m01 mesos-master[25419]: W0216 15:47:33.271518 25451 process.cpp:902] 
Failed to accept socket: Failed accept: connection error: 
error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.271518 25451 process.cpp:902] Failed 
to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.361251 25451 process.cpp:902] Failed 
to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.361251 25451 process.cpp:902] Failed 
to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca

Do I need to start using a client certificate in the browser to resolve 
this?