Re: SSL authentication failure

2018-04-12 Thread Rohit Yadav 
Swastik - does your KVM host have ipmi capabilities, please refer to admin docs 
on using out-of-band management for host. You'll need to configure oobm 
configuration for a host in order to use them.



- Rohit

<https://cloudstack.apache.org>




From: Swastik Mittal <mittal.swas...@gmail.com>
Sent: Tuesday, April 3, 2018 12:24:26 PM
To: users@cloudstack.apache.org
Subject: Re: SSL authentication failure

Forget to mention. On issuing an action for out of band management I get:

Out-of-band Management action (RESET) on host
(b7a92936-1ce9-4c90-aca3-6ea492bf028d) failed with error: Get Auth
Capabilities error Error issuing Get Channel Authentication Capabilies
request Error: Unable to establish IPMI v2 / RMCP+ session

On 4/3/18, Swastik Mittal <mittal.swas...@gmail.com> wrote:
> Hey Rohit,
>
> (in one-way ssl mode)
>
> The host has been added but the power state is disabled as out of band
> management is disabled. On enabling I get unknown state, but system vm's
> still show status running and agent state is marked by '-'.
>
> Where are the system VM's running if no agent state is detected?
>
> Also my console does not run but I can ssh into my ssvm. There is no
> ssvm-check file available. I think it is because system VM's are not
> correctly configured. So how do I power ON my host so that I get an agent
> state in system VM?
>
> regards
> Swastik
>
> On Tue, Apr 3, 2018 at 10:32 AM, Swastik Mittal <mittal.swas...@gmail.com>
> wrote:
>
>> Hey Rohit,
>>
>> I set my ca.plugin.root.auth.strictness to false and restarted all the
>> services and one way ssl works fine. But how do I solve the bug in case I
>> need to enable two way ssl.
>>
>> regards
>> Swastik
>>
>> On Tue, Apr 3, 2018 at 9:21 AM, Swastik Mittal <mittal.swas...@gmail.com>
>> wrote:
>>
>>> Hey Rohit
>>>
>>> I was installing a fresh enviroment. Added the host through command
>>> cloudstack-setup-agent, here it mentions everything done correctly but
>>> the host doesn't get added. (KVM host)
>>>
>>> Agent log file gives:
>>>
>>> 2018-04-03 09:12:14,584 INFO  [cloud.agent.Agent] (main:null) (logid:)
>>> Connecting to host:localhost
>>> 2018-04-03 09:12:14,584 INFO  [utils.nio.NioClient] (main:null)
>>> (logid:) Connecting to localhost:8250
>>> 2018-04-03 09:12:14,585 INFO  [utils.nio.Link] (main:null) (logid:)
>>> Conf file found: /etc/cloudstack/agent/agent.properties
>>> 2018-04-03 09:12:14,585 WARN  [utils.nio.Link] (main:null) (logid:)
>>> Failed to load keystore, using trust all manager
>>> 2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:)
>>> SSL error caught during unwrap data: Unrecognized SSL message,
>>> plaintext connection?, for local address=/127.0.0.1:39863, remote
>>> address=localhost/127.0.0.1:8250. The client may have invalid
>>> ca-certificates.
>>> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null)
>>> (logid:) SSL Handshake failed while connecting to host: localhost
>>> port: 8250
>>> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null)
>>> (logid:) Unable to initialize the threads.
>>> java.io.IOException: SSL Handshake failed while connecting to host:
>>> localhost port: 8250
>>> at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
>>> at
>>> com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
>>> at com.cloud.agent.Agent.start(Agent.java:263)
>>> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410)
>>> at com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShe
>>> ll.java:378)
>>> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362)
>>> at com.cloud.agent.AgentShell.start(AgentShell.java:467)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>> at org.apache.commons.daemon.support.DaemonLoader.start(DaemonL
>>> oader.java:243)
>>> 2018-04-03 09:12:14,590 INFO  [utils.exception.CSExceptionErrorCode]
>>> (main:null) (logid:) Could not find exception:
>>> com.cloud.utils.exception.NioConnectionException in error code list
>>> for exceptions
>>> 2018-04

Re: SSL authentication failure

2018-04-03 Thread Swastik Mittal 
Forget to mention. On issuing an action for out of band management I get:

Out-of-band Management action (RESET) on host
(b7a92936-1ce9-4c90-aca3-6ea492bf028d) failed with error: Get Auth
Capabilities error Error issuing Get Channel Authentication Capabilies
request Error: Unable to establish IPMI v2 / RMCP+ session

On 4/3/18, Swastik Mittal  wrote:
> Hey Rohit,
>
> (in one-way ssl mode)
>
> The host has been added but the power state is disabled as out of band
> management is disabled. On enabling I get unknown state, but system vm's
> still show status running and agent state is marked by '-'.
>
> Where are the system VM's running if no agent state is detected?
>
> Also my console does not run but I can ssh into my ssvm. There is no
> ssvm-check file available. I think it is because system VM's are not
> correctly configured. So how do I power ON my host so that I get an agent
> state in system VM?
>
> regards
> Swastik
>
> On Tue, Apr 3, 2018 at 10:32 AM, Swastik Mittal 
> wrote:
>
>> Hey Rohit,
>>
>> I set my ca.plugin.root.auth.strictness to false and restarted all the
>> services and one way ssl works fine. But how do I solve the bug in case I
>> need to enable two way ssl.
>>
>> regards
>> Swastik
>>
>> On Tue, Apr 3, 2018 at 9:21 AM, Swastik Mittal 
>> wrote:
>>
>>> Hey Rohit
>>>
>>> I was installing a fresh enviroment. Added the host through command
>>> cloudstack-setup-agent, here it mentions everything done correctly but
>>> the host doesn't get added. (KVM host)
>>>
>>> Agent log file gives:
>>>
>>> 2018-04-03 09:12:14,584 INFO  [cloud.agent.Agent] (main:null) (logid:)
>>> Connecting to host:localhost
>>> 2018-04-03 09:12:14,584 INFO  [utils.nio.NioClient] (main:null)
>>> (logid:) Connecting to localhost:8250
>>> 2018-04-03 09:12:14,585 INFO  [utils.nio.Link] (main:null) (logid:)
>>> Conf file found: /etc/cloudstack/agent/agent.properties
>>> 2018-04-03 09:12:14,585 WARN  [utils.nio.Link] (main:null) (logid:)
>>> Failed to load keystore, using trust all manager
>>> 2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:)
>>> SSL error caught during unwrap data: Unrecognized SSL message,
>>> plaintext connection?, for local address=/127.0.0.1:39863, remote
>>> address=localhost/127.0.0.1:8250. The client may have invalid
>>> ca-certificates.
>>> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null)
>>> (logid:) SSL Handshake failed while connecting to host: localhost
>>> port: 8250
>>> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null)
>>> (logid:) Unable to initialize the threads.
>>> java.io.IOException: SSL Handshake failed while connecting to host:
>>> localhost port: 8250
>>> at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
>>> at
>>> com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
>>> at com.cloud.agent.Agent.start(Agent.java:263)
>>> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410)
>>> at com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShe
>>> ll.java:378)
>>> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362)
>>> at com.cloud.agent.AgentShell.start(AgentShell.java:467)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>> at org.apache.commons.daemon.support.DaemonLoader.start(DaemonL
>>> oader.java:243)
>>> 2018-04-03 09:12:14,590 INFO  [utils.exception.CSExceptionErrorCode]
>>> (main:null) (logid:) Could not find exception:
>>> com.cloud.utils.exception.NioConnectionException in error code list
>>> for exceptions
>>> 2018-04-03 09:12:14,590 WARN  [cloud.agent.Agent] (main:null) (logid:)
>>> NIO Connection Exception
>>> com.cloud.utils.exception.NioConnectionException: SSL Handshake failed
>>> while connecting to host: localhost port: 8250
>>> 2018-04-03 09:12:14,590 INFO  [cloud.agent.Agent] (main:null) (logid:)
>>> Attempted to connect to the server, but received an unexpected
>>> exception, trying again...
>>>
>>> While connecting through UI it gives authentication error.
>>>
>>> I also set ssh and sshd ports to 8250 and was able to ssh into
>>> management from host through it but still getting the same error while
>>> adding it in cloudstack. Management generates a key(.pem) file in the
>>> UI, do we need to add that file in the host settings for connection?
>>>
>>> Also my ca.plugin.root.auth.strictness settings was set to true. On
>>> setting it to false gives the same.
>>>
>>> Regards
>>> Swastik
>>>
>>> On 4/2/18, Rohit Yadav  wrote:
>>> > Swastik,
>>> >
>>> > Did you try to upgrade the env or installed a fresh env? How did you

Re: SSL authentication failure

2018-04-03 Thread Swastik Mittal 
Hey Rohit,

(in one-way ssl mode)

The host has been added but the power state is disabled as out of band
management is disabled. On enabling I get unknown state, but system vm's
still show status running and agent state is marked by '-'.

Where are the system VM's running if no agent state is detected?

Also my console does not run but I can ssh into my ssvm. There is no
ssvm-check file available. I think it is because system VM's are not
correctly configured. So how do I power ON my host so that I get an agent
state in system VM?

regards
Swastik

On Tue, Apr 3, 2018 at 10:32 AM, Swastik Mittal 
wrote:

> Hey Rohit,
>
> I set my ca.plugin.root.auth.strictness to false and restarted all the
> services and one way ssl works fine. But how do I solve the bug in case I
> need to enable two way ssl.
>
> regards
> Swastik
>
> On Tue, Apr 3, 2018 at 9:21 AM, Swastik Mittal 
> wrote:
>
>> Hey Rohit
>>
>> I was installing a fresh enviroment. Added the host through command
>> cloudstack-setup-agent, here it mentions everything done correctly but
>> the host doesn't get added. (KVM host)
>>
>> Agent log file gives:
>>
>> 2018-04-03 09:12:14,584 INFO  [cloud.agent.Agent] (main:null) (logid:)
>> Connecting to host:localhost
>> 2018-04-03 09:12:14,584 INFO  [utils.nio.NioClient] (main:null)
>> (logid:) Connecting to localhost:8250
>> 2018-04-03 09:12:14,585 INFO  [utils.nio.Link] (main:null) (logid:)
>> Conf file found: /etc/cloudstack/agent/agent.properties
>> 2018-04-03 09:12:14,585 WARN  [utils.nio.Link] (main:null) (logid:)
>> Failed to load keystore, using trust all manager
>> 2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:)
>> SSL error caught during unwrap data: Unrecognized SSL message,
>> plaintext connection?, for local address=/127.0.0.1:39863, remote
>> address=localhost/127.0.0.1:8250. The client may have invalid
>> ca-certificates.
>> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null)
>> (logid:) SSL Handshake failed while connecting to host: localhost
>> port: 8250
>> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null)
>> (logid:) Unable to initialize the threads.
>> java.io.IOException: SSL Handshake failed while connecting to host:
>> localhost port: 8250
>> at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
>> at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
>> at com.cloud.agent.Agent.start(Agent.java:263)
>> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410)
>> at com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShe
>> ll.java:378)
>> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362)
>> at com.cloud.agent.AgentShell.start(AgentShell.java:467)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>> ssorImpl.java:62)
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>> thodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at org.apache.commons.daemon.support.DaemonLoader.start(DaemonL
>> oader.java:243)
>> 2018-04-03 09:12:14,590 INFO  [utils.exception.CSExceptionErrorCode]
>> (main:null) (logid:) Could not find exception:
>> com.cloud.utils.exception.NioConnectionException in error code list
>> for exceptions
>> 2018-04-03 09:12:14,590 WARN  [cloud.agent.Agent] (main:null) (logid:)
>> NIO Connection Exception
>> com.cloud.utils.exception.NioConnectionException: SSL Handshake failed
>> while connecting to host: localhost port: 8250
>> 2018-04-03 09:12:14,590 INFO  [cloud.agent.Agent] (main:null) (logid:)
>> Attempted to connect to the server, but received an unexpected
>> exception, trying again...
>>
>> While connecting through UI it gives authentication error.
>>
>> I also set ssh and sshd ports to 8250 and was able to ssh into
>> management from host through it but still getting the same error while
>> adding it in cloudstack. Management generates a key(.pem) file in the
>> UI, do we need to add that file in the host settings for connection?
>>
>> Also my ca.plugin.root.auth.strictness settings was set to true. On
>> setting it to false gives the same.
>>
>> Regards
>> Swastik
>>
>> On 4/2/18, Rohit Yadav  wrote:
>> > Swastik,
>> >
>> > Did you try to upgrade the env or installed a fresh env? How did you
>> add the
>> > host? Was it a kvm host or something else? Instead of localhost, can
>> you use
>> > an IP for the mgmt server? Also check and share your ca auth strictness
>> > global setting. Setting that to false will enforce legacy behavior.
>> >
>> > Regards.
>> >
>> > Get Outlook for Android
>> >
>> >
>> >
>> > From: Swastik Mittal
>> > Sent: Monday, 2 April, 4:58 PM
>> > Subject: SSL authentication failure
>> > To: users@cloudstack.apache.org
>> >
>> >
>> > Hey, I was

Re: SSL authentication failure

2018-04-02 Thread Swastik Mittal 
Hey Rohit,

I set my ca.plugin.root.auth.strictness to false and restarted all the
services and one way ssl works fine. But how do I solve the bug in case I
need to enable two way ssl.

regards
Swastik

On Tue, Apr 3, 2018 at 9:21 AM, Swastik Mittal 
wrote:

> Hey Rohit
>
> I was installing a fresh enviroment. Added the host through command
> cloudstack-setup-agent, here it mentions everything done correctly but
> the host doesn't get added. (KVM host)
>
> Agent log file gives:
>
> 2018-04-03 09:12:14,584 INFO  [cloud.agent.Agent] (main:null) (logid:)
> Connecting to host:localhost
> 2018-04-03 09:12:14,584 INFO  [utils.nio.NioClient] (main:null)
> (logid:) Connecting to localhost:8250
> 2018-04-03 09:12:14,585 INFO  [utils.nio.Link] (main:null) (logid:)
> Conf file found: /etc/cloudstack/agent/agent.properties
> 2018-04-03 09:12:14,585 WARN  [utils.nio.Link] (main:null) (logid:)
> Failed to load keystore, using trust all manager
> 2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:)
> SSL error caught during unwrap data: Unrecognized SSL message,
> plaintext connection?, for local address=/127.0.0.1:39863, remote
> address=localhost/127.0.0.1:8250. The client may have invalid
> ca-certificates.
> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null)
> (logid:) SSL Handshake failed while connecting to host: localhost
> port: 8250
> 2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null)
> (logid:) Unable to initialize the threads.
> java.io.IOException: SSL Handshake failed while connecting to host:
> localhost port: 8250
> at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
> at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
> at com.cloud.agent.Agent.start(Agent.java:263)
> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410)
> at com.cloud.agent.AgentShell.launchAgentFromClassInfo(
> AgentShell.java:378)
> at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362)
> at com.cloud.agent.AgentShell.start(AgentShell.java:467)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.apache.commons.daemon.support.DaemonLoader.start(
> DaemonLoader.java:243)
> 2018-04-03 09:12:14,590 INFO  [utils.exception.CSExceptionErrorCode]
> (main:null) (logid:) Could not find exception:
> com.cloud.utils.exception.NioConnectionException in error code list
> for exceptions
> 2018-04-03 09:12:14,590 WARN  [cloud.agent.Agent] (main:null) (logid:)
> NIO Connection Exception
> com.cloud.utils.exception.NioConnectionException: SSL Handshake failed
> while connecting to host: localhost port: 8250
> 2018-04-03 09:12:14,590 INFO  [cloud.agent.Agent] (main:null) (logid:)
> Attempted to connect to the server, but received an unexpected
> exception, trying again...
>
> While connecting through UI it gives authentication error.
>
> I also set ssh and sshd ports to 8250 and was able to ssh into
> management from host through it but still getting the same error while
> adding it in cloudstack. Management generates a key(.pem) file in the
> UI, do we need to add that file in the host settings for connection?
>
> Also my ca.plugin.root.auth.strictness settings was set to true. On
> setting it to false gives the same.
>
> Regards
> Swastik
>
> On 4/2/18, Rohit Yadav  wrote:
> > Swastik,
> >
> > Did you try to upgrade the env or installed a fresh env? How did you add
> the
> > host? Was it a kvm host or something else? Instead of localhost, can you
> use
> > an IP for the mgmt server? Also check and share your ca auth strictness
> > global setting. Setting that to false will enforce legacy behavior.
> >
> > Regards.
> >
> > Get Outlook for Android
> >
> >
> >
> > From: Swastik Mittal
> > Sent: Monday, 2 April, 4:58 PM
> > Subject: SSL authentication failure
> > To: users@cloudstack.apache.org
> >
> >
> > Hey, I was using cloudstack version 4.6 earlier and was able to
> > configure/add host to my datacenter. On installing version 4.11 on
> setting
> > up host, host is unable to connect to management on port 8250 because
> > management immediately closes the connection and does not allow
> connection
> > on that port. (Getting this error in agent log) The management server log
> > gives, SSL error caught during wrap data: null cert chain, for local
> > address=/127.0.0.1:8250, remote address=/127.0.0.1:46029. I was also not
> > able to ssh into management on port 8250 even though setting SSHD to all
> in
> > hosts.allow. I also tried allowing policies on port 8250 through ufw
> command
> > but it din't work. How do I update policies in 4.11? Any help?

Re: SSL authentication failure

2018-04-02 Thread Swastik Mittal 
Hey Rohit

I was installing a fresh enviroment. Added the host through command
cloudstack-setup-agent, here it mentions everything done correctly but
the host doesn't get added. (KVM host)

Agent log file gives:

2018-04-03 09:12:14,584 INFO  [cloud.agent.Agent] (main:null) (logid:)
Connecting to host:localhost
2018-04-03 09:12:14,584 INFO  [utils.nio.NioClient] (main:null)
(logid:) Connecting to localhost:8250
2018-04-03 09:12:14,585 INFO  [utils.nio.Link] (main:null) (logid:)
Conf file found: /etc/cloudstack/agent/agent.properties
2018-04-03 09:12:14,585 WARN  [utils.nio.Link] (main:null) (logid:)
Failed to load keystore, using trust all manager
2018-04-03 09:12:14,589 ERROR [utils.nio.Link] (main:null) (logid:)
SSL error caught during unwrap data: Unrecognized SSL message,
plaintext connection?, for local address=/127.0.0.1:39863, remote
address=localhost/127.0.0.1:8250. The client may have invalid
ca-certificates.
2018-04-03 09:12:14,589 ERROR [utils.nio.NioClient] (main:null)
(logid:) SSL Handshake failed while connecting to host: localhost
port: 8250
2018-04-03 09:12:14,589 ERROR [utils.nio.NioConnection] (main:null)
(logid:) Unable to initialize the threads.
java.io.IOException: SSL Handshake failed while connecting to host:
localhost port: 8250
at com.cloud.utils.nio.NioClient.init(NioClient.java:67)
at com.cloud.utils.nio.NioConnection.start(NioConnection.java:95)
at com.cloud.agent.Agent.start(Agent.java:263)
at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:410)
at 
com.cloud.agent.AgentShell.launchAgentFromClassInfo(AgentShell.java:378)
at com.cloud.agent.AgentShell.launchAgent(AgentShell.java:362)
at com.cloud.agent.AgentShell.start(AgentShell.java:467)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at 
org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:243)
2018-04-03 09:12:14,590 INFO  [utils.exception.CSExceptionErrorCode]
(main:null) (logid:) Could not find exception:
com.cloud.utils.exception.NioConnectionException in error code list
for exceptions
2018-04-03 09:12:14,590 WARN  [cloud.agent.Agent] (main:null) (logid:)
NIO Connection Exception
com.cloud.utils.exception.NioConnectionException: SSL Handshake failed
while connecting to host: localhost port: 8250
2018-04-03 09:12:14,590 INFO  [cloud.agent.Agent] (main:null) (logid:)
Attempted to connect to the server, but received an unexpected
exception, trying again...

While connecting through UI it gives authentication error.

I also set ssh and sshd ports to 8250 and was able to ssh into
management from host through it but still getting the same error while
adding it in cloudstack. Management generates a key(.pem) file in the
UI, do we need to add that file in the host settings for connection?

Also my ca.plugin.root.auth.strictness settings was set to true. On
setting it to false gives the same.

Regards
Swastik

On 4/2/18, Rohit Yadav  wrote:
> Swastik,
>
> Did you try to upgrade the env or installed a fresh env? How did you add the
> host? Was it a kvm host or something else? Instead of localhost, can you use
> an IP for the mgmt server? Also check and share your ca auth strictness
> global setting. Setting that to false will enforce legacy behavior.
>
> Regards.
>
> Get Outlook for Android
>
>
>
> From: Swastik Mittal
> Sent: Monday, 2 April, 4:58 PM
> Subject: SSL authentication failure
> To: users@cloudstack.apache.org
>
>
> Hey, I was using cloudstack version 4.6 earlier and was able to
> configure/add host to my datacenter. On installing version 4.11 on setting
> up host, host is unable to connect to management on port 8250 because
> management immediately closes the connection and does not allow connection
> on that port. (Getting this error in agent log) The management server log
> gives, SSL error caught during wrap data: null cert chain, for local
> address=/127.0.0.1:8250, remote address=/127.0.0.1:46029. I was also not
> able to ssh into management on port 8250 even though setting SSHD to all in
> hosts.allow. I also tried allowing policies on port 8250 through ufw command
> but it din't work. How do I update policies in 4.11? Any help? Reagrds
> Swastik
>
>
> rohit.ya...@shapeblue.com
> www.shapeblue.com
> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> @shapeblue
>
>
>
>

Re: SSL authentication failure

2018-04-02 Thread Rohit Yadav 
Swastik,

Did you try to upgrade the env or installed a fresh env? How did you add the 
host? Was it a kvm host or something else? Instead of localhost, can you use an 
IP for the mgmt server? Also check and share your ca auth strictness global 
setting. Setting that to false will enforce legacy behavior.

Regards.

Get Outlook for Android



From: Swastik Mittal
Sent: Monday, 2 April, 4:58 PM
Subject: SSL authentication failure
To: users@cloudstack.apache.org


Hey, I was using cloudstack version 4.6 earlier and was able to configure/add 
host to my datacenter. On installing version 4.11 on setting up host, host is 
unable to connect to management on port 8250 because management immediately 
closes the connection and does not allow connection on that port. (Getting this 
error in agent log) The management server log gives, SSL error caught during 
wrap data: null cert chain, for local address=/127.0.0.1:8250, remote 
address=/127.0.0.1:46029. I was also not able to ssh into management on port 
8250 even though setting SSHD to all in hosts.allow. I also tried allowing 
policies on port 8250 through ufw command but it din't work. How do I update 
policies in 4.11? Any help? Reagrds Swastik


rohit.ya...@shapeblue.comĀ 
www.shapeblue.com
53 Chandos Place, Covent Garden, London  WC2N 4HSUK
@shapeblue