'RE: Browser ssl client issues'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mesos-user
Subject:    RE: Browser ssl client issues
From:       "Marc Roos" <M.Roos () f1-outsourcing ! eu>
Date:       2019-02-18 21:03:36
Message-ID: "H000007100134956.1550523815.sx.f1-outsourcing.eu*" () MHS
[Download RAW message or body]

 



Anyone? The custom-ca used here is the same for the master - 
slaves/agents communication, that seems to be going fine. Is there a 
alternate custom configurable ca path for https clients on port 5050?



-----Original Message-----

Sent: 16 February 2019 16:25
To: user
Subject: RE: Browser ssl client issues

 

I think I created correctly a browser client certificate. Same way I 
created the certificates and keys for the mesos nodes. Except converted 
to p12 to import in firefox and using the internal hostname from where I 
am connecting. I am also getting the popup in ff to select a client 
certificate, but still these errors appear

W0216 16:22:19.478197 28966 process.cpp:902] Failed to accept socket: 
Failed accept: connection error: error:14094418:SSL
routines:ssl3_read_bytes:tlsv1 alert unknown ca



-----Original Message-----
Sent: 16 February 2019 15:52
To: user
Subject: Browser ssl client issues


When I connect to the mesos master on 5050, the browser complains with 
failed to connect 

And these appear in the logs

m01 mesos-master[25419]: W0216 15:47:33.271518 25451 process.cpp:902] 
Failed to accept socket: Failed accept: connection error: 
error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.271518 25451 process.cpp:902] Failed 

to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.361251 25451 process.cpp:902] Failed 

to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca Feb 16 15:47:33 m01 
mesos-master[25419]: W0216 15:47:33.361251 25451 process.cpp:902] Failed 

to accept socket: Failed accept: connection
error: error:14094418:S
SL routines:ssl3_read_bytes:tlsv1 alert unknown ca

Do I need to start using a client certificate in the browser to resolve 
this?











[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic