Reply
Explorer
Posts: 10
Registered: ‎04-26-2016

Cloudera 6 Heartbeat - SSLError: sslv3 alert bad certificate

I'm attempting to install Cloudera 6 as a single-node on Centos 7 using VMWare Workstation 12 for learning and POC purposes.

 

However, I'm running into heartbeat issues.  Initially I get an error saying...

 

[30/Sep/2018 21:55:05 +0000] 24667 MainThread agent ERROR Heartbeating to cloudera6.localdomain:7182 failed.
Traceback (most recent call last):
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/cmf/agent.py", line 1371, in _send_heartbeat
response = self.requestor.request('heartbeat', heartbeat_data)
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 141, in request
return self.issue_request(call_request, message_name, request_datum)
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 254, in issue_request
call_response = self.transceiver.transceive(call_request)
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 483, in transceive
result = self.read_framed_message()
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 489, in read_framed_message
framed_message = response_reader.read_framed_message()
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 417, in read_framed_message
raise ConnectionClosedException("Reader read 0 bytes.")
ConnectionClosedException: Reader read 0 bytes.

 

The install program said...

 

If Use TLS Encryption for Agents is enabled in Cloudera Manager (Administration -> Settings -> Security), ensure that /etc/cloudera-scm-agent/config.ini has use_tls=1 on the host being added.

 

I updated the config.ini file, now I'm getting a slightly different error...

 

[01/Oct/2018 00:23:22 +0000] 27314 MainThread agent ERROR Heartbeating to cloudera6.localdomain:7182 failed.
Traceback (most recent call last):
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/cmf/agent.py", line 1362, in _send_heartbeat
self.cfg.max_cert_depth)
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/cmf/https.py", line 139, in __init__
self.conn.connect()
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/M2Crypto/httpslib.py", line 80, in connect
sock.connect((self.host, self.port))
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/M2Crypto/SSL/Connection.py", line 304, in connect
ret = self.connect_ssl()
File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/M2Crypto/SSL/Connection.py", line 291, in connect_ssl
return m2.ssl_connect(self.ssl, self._timeout)
SSLError: sslv3 alert bad certificate

 

The message just repeats continuously.  The SSLError seems to be a new error compared to the original error.

 

I've tried this a few times, and figured I'd try to match my configuration to what I see in the QuickStart VMs.  My Hosts files is:

 

127.0.0.1 cloudera6.localdomain cloudera6 localhost localhost.localdomain
::1 localhost localhost.localdomain

 

The hostname file is :

cloudera6.localdomain

 

Any recommendations on what I should do next?

 

Thanks

W.D.

 

Posts: 910
Topics: 1
Kudos: 208
Solutions: 111
Registered: ‎04-22-2014

Re: Cloudera 6 Heartbeat - SSLError: sslv3 alert bad certificate

@Meister1867,

 

My first guess is that you accidentally enabled Agent Authentication which means that the Cloudera Manager Server requires certificate authentication but you have not configured the agent for that yet.

 

Check in Cloudera Manager's Administration --> Settings --> Security section to see if you have Use TLS Authentication of Agents to Server enabled.  If so:

 

- uncheck Use TLS Authentication of Agents to Server

- restart Cloudera Manager with "service cloudera-scm-server restart"

- verify in the Hosts --> All hosts section that the last heartbeat for your host happened less than 15 seconds ago.

 

If so, that was likely the cause.

 

If you wish to enable Agent Authentication to CM, then you can use the following section to guide you:

 

https://www.cloudera.com/documentation/enterprise/latest/topics/how_to_configure_cm_tls.html#concept...

 

Explorer
Posts: 10
Registered: ‎04-26-2016

Re: Cloudera 6 Heartbeat - SSLError: sslv3 alert bad certificate

I made updates, but now I'm getting the following error messageErrorMessage.png

[13/Oct/2018 00:09:48 +0000] 4701 MainThread agent        ERROR    Heartbeating to cloudera6.localdomain:7182 failed.
Traceback (most recent call last):
  File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/cmf/agent.py", line 1371, in _send_heartbeat
    response = self.requestor.request('heartbeat', heartbeat_data)
  File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 141, in request
    return self.issue_request(call_request, message_name, request_datum)
  File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 254, in issue_request
    call_response = self.transceiver.transceive(call_request)
  File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 483, in transceive
    result = self.read_framed_message()
  File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 489, in read_framed_message
    framed_message = response_reader.read_framed_message()
  File "/opt/cloudera/cm-agent/lib/python2.7/site-packages/avro/ipc.py", line 417, in read_framed_message
    raise ConnectionClosedException("Reader read 0 bytes.")
ConnectionClosedException: Reader read 0 bytes.

I should add, I also added a line to the hosts file so that there is a non-Local IP address.

 

Before I followed the instructions to update the TLS values, I was getting this error message.

 

Announcements