Reply
Explorer
Posts: 20
Registered: ‎03-19-2018

Cloudera Manager Server : javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection

[ Edited ]

CDH Version - 5.8.2

Post configuration of TLS level -2 , i'm noticing below error message on the cloudera server logs

 

  1. I have ensured the tls_ssl=1 is set on all agent servers
  2. All CDH services and cloudera management services to be up and running
  3. no errors being noticed in the cloudera agent logs
  4. Below successfull message is also being noticed

2018-04-16 00:08:47,535 INFO WebServerImpl:org.mortbay.log: Started SslSelectChannelConnector@0.0.0.0:7183

 

i'm not sure , what needs to be done in debugging the issue.

 

 Error Message 

2018-04-16 00:45:45,577 WARN 1848785621@agentServer-27:org.mortbay.log: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?
2018-04-16 00:46:00,595 WARN 633061435@agentServer-28:org.mortbay.log: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

 

Highlighted
Posts: 474
Topics: 14
Kudos: 77
Solutions: 41
Registered: ‎09-02-2016

Re: Cloudera Manager Server : javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connec

@Johnny_Bach

 

As mentioned in this link

https://stackoverflow.com/questions/6532273/unrecognized-ssl-message-plaintext-connection-exception

 

pls try to swap between, it may help you

http://<url>:7180

https://<url>:7183

 

 

Explorer
Posts: 20
Registered: ‎03-19-2018

Re: Cloudera Manager Server : javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connec

By swapping the ports between 7180 (HTTPS) and 7183(HTTP) , cloudera management services fails to start

Expert Contributor
Posts: 127
Registered: ‎01-08-2018

Re: Cloudera Manager Server : javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connec

The fact that your server started on port 7183 does not mean that communication between Agents and Server is over SSL.

If you have enabled the "Use TLS Encryption for Agents" and restarted the cloudera manager server, then you should verify that Cloudera Manager started with SSL and the certificate is correct?

You can do it by :

$ openssl s_client -connect cm.server:7182

 

Agents connect to the 7182 port.

 

If you get a certificate as a response then you should check the Certificate Authorities you have configured in Agents' config.

Announcements