Issue #5884 has been updated by Ben Hughes. Status changed from Unreviewed to Needs More Information
---------------------------------------- Bug #5884: Error establishing SSL connection https://projects.puppetlabs.com/issues/5884 Author: Benjamin Goldsbury Status: Needs More Information Priority: Normal Assignee: Category: Target version: Affected Puppet version: Keywords: Branch: Puppet Master version: 2.6.1 Puppet Agent version: 2.6.1 Background: Puppet Master has been up and running for about a week. Using the default server (i.e. Not Mongrel, not Passenger). Other Puppet Agents can connect to it fine. Problem: When trying to connect from a new host, I receive: 'Could not request certificate: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A' Troubleshooting: I tested creating a dummy SSL connection to Master by doing: 'openssl s_client -connect <master>:8140' Doing this on a newly provisioned machine results in 'ssl handshake failure'. Doing this on a previously running machine works fine. Running the Master with --no-daemonize --verbose --debug shows no information when the host(s) experiencing the problem attempt to connect. I have verified that: * The packets are reaching the Master on the correct port * The TCP Checksums for the packets are correct * The Master is sending a TCP reset (probably from closing the connection) and not some other device in between such as a firewall. Initially, the host(s) experiencing the problem were behind NAT. I moved them to be on the same ip network to remove it as a possible cause. At this point, I'm not sure how to further debug the problem. I would think the next step is to see why the Master is closing the connection, but I am not sure how. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
