Support Questions

Find answers, ask questions, and share your expertise

Openssl error upon host registration

Expert Contributor

I'm trying to register hostnames in Ambari but getting the error below. We tried to run yum update openssl but its got the latest version. We tried to run yum - update it didn’t help. I also tried removing the other openssl packages openssl-devel-1.0.1e-42.el6.x86_64, openssl098e-0.9.8e-17.el6.centos.2.x86_64 and restarting the ambari server/agents and same error. Tried running yum -y install opens* as well but didn’t help. Any ideas?

ERROR 2015-09-23 09:47:07,402 NetUtil.py:77 - [Errno 8] _ssl.c:492: EOF occurred in violation of protocol
ERROR 2015-09-23 09:47:07,402 NetUtil.py:78 - SSLError: Failed to connect. Please check openssl library versions.
Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1022468 for more details.
WARNING 2015-09-23 09:47:07,402 NetUtil.py:105 - Server at https://test.org:8440is not reachable, sleeping for 10 seconds...
WARNING 2015-09-23 09:47:07,402 NetUtil.py:105 - Server at https://test.org:8440is not reachable, sleeping for 10 seconds...
INFO 2015-09-23 09:47:14,746 main.py:74 - loglevel=logging.INFO
INFO 2015-09-23 09:47:14,746 main.py:74 - loglevel=logging.INFO
INFO 2015-09-23 09:47:17,403 NetUtil.py:59 - Connecting to https://test.org:8440/ca
WARNING 2015-09-23 09:47:17,404 NetUtil.py:82 - Failed to connect to https://test.org:8440/ca due to [Errno 111] Connection refused
WARNING 2015-09-23 09:47:17,404 NetUtil.py:105 - Server at https://test.org:8440is not reachable, sleeping for 10 seconds...
WARNING 2015-09-23 09:47:17,404 NetUtil.py:105 - Server at https://test.org:8440is not reachable, sleeping for 10 seconds...
ERROR 2015-09-23 09:47:19,780 main.py:315 - Fatal exception occurred:
Traceback (most recent call last):
  File "/usr/lib/python2.6/site-packages/ambari_agent/main.py", line 312, in <module>
    main(heartbeat_stop_callback)
  File "/usr/lib/python2.6/site-packages/ambari_agent/main.py", line 248, in main
    stop_agent()
  File "/usr/lib/python2.6/site-packages/ambari_agent/main.py", line 198, in stop_agent
    sys.exit(1)
SystemExit: 1
ERROR 2015-09-23 09:47:19,780 main.py:315 - Fatal exception occurred:
Traceback (most recent call last):
  File "/usr/lib/python2.6/site-packages/ambari_agent/main.py", line 312, in <module>
    main(heartbeat_stop_callback)
  File "/usr/lib/python2.6/site-packages/ambari_agent/main.py", line 248, in main
    stop_agent()
  File "/usr/lib/python2.6/site-packages/ambari_agent/main.py", line 198, in stop_agent
    sys.exit(1)
SystemExit: 1
1 ACCEPTED SOLUTION

Yes. That is a known issue. Modify Ambari Server's java.home to the standard oracle jdk.

View solution in original post

29 REPLIES 29

New Contributor

I am facing below issue even after upgrading ambari-server,ambari agent, openssl,rebooting ambari,ssh

ERROR 2016-09-20 09:48:52,494 NetUtil.py:77 - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590)
ERROR 2016-09-20 09:48:52,495 NetUtil.py:78 - SSLError: Failed to connect. Please check openssl library versions. 
Refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1022468 for more details.
WARNING 2016-09-20 09:48:52,495 NetUtil.py:105 - Server at https://localhost:8440 is not reachable, sleeping for 10 seconds...
', None)

Connection to localhost closed.
SSH command execution finished
host=localhost, exitcode=0
Command end time 2016-09-20 09:48:54

Registering with the server...
Registration with the server failed.
Can anyone pls help me?
I am using ubuntu 16 OS





New Contributor

In our case the problem was that the other nodes have OpenJDK instead of oracle's, installing Oracle JDK on those nodes solves the problem

New Contributor

In our case the problem was that the other nodes have OpenJDK instead of oracle's, installing Oracle JDK on those nodes solves the problem

Contributor

I've been stuck with this problem for a day and I've tried everything on this post, but nothing works.

However, the link from this post solved my problem so I thought I should link it to here.

https://community.hortonworks.com/questions/121978/openssl-compatibility.html?childToView=138080#ans...

Basically, disable certificate verification on all nodes

vi /etc/python/cert-verification.cfg
[https]
verify=disable

good luck.

[ RESOLVED ]

Gone through same issue only when we are using oVirt Virtualization For our cluster deployment.

Only following solution resolved the problem (Thanks to @bing lv and @Deven Fan:

By adding below config in [security] section of

vi /etc/ambari-agent/conf/ambari-agent.ini
force_https_protocol=PROTOCOL_TLSv1_2
vi /etc/python/cert-verification.cfg 
[https] 
verify=disable

Thanks!! These changes should be performed on all hosts

New Contributor

Thanks Prashant

Explorer

Perfect solution, it works

Explorer

Hello

I've just add these two line below under security section and it works
[security]
ssl_verify_cert=0
force_https_protocol=PROTOCOL_TLSv1_2

Take a Tour of the Community
Don't have an account?
Your experience may be limited. Sign in to explore more.