Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

TLS cloudera manager

Solved Go to solution

TLS cloudera manager

New Contributor

Can group please assist with TLS 1 configuration and following error rcvd.

 

Followed the instruction available at cloduera documentation:

use_tls=1

(self signed certificate), RHEL 6.5 CM 5.7

 

Details from agent log file.

 

11/Sep/2016 12:25:21 +0000] 7617 MainThread agent ERROR Heartbeating to 192.168.1.70:7182 failed.
Traceback (most recent call last):
File "/usr/lib64/cmf/agent/build/env/lib/python2.6/site-packages/cmf-5.7.1-py2.6.egg/cmf/agent.py", line 1201, in _send_heartbeat
self.max_cert_depth)
File "/usr/lib64/cmf/agent/build/env/lib/python2.6/site-packages/cmf-5.7.1-py2.6.egg/cmf/https.py", line 131, in __init__
self.conn.connect()
File "/usr/lib64/cmf/agent/build/env/lib/python2.6/site-packages/M2Crypto-0.21.1-py2.6-linux-x86_64.egg/M2Crypto/httpslib.py", line 50, in connect
self.sock.connect((self.host, self.port))
File "/usr/lib64/cmf/agent/build/env/lib/python2.6/site-packages/M2Crypto-0.21.1-py2.6-linux-x86_64.egg/M2Crypto/SSL/Connection.py", line 185, in connect
ret = self.connect_ssl()
File "/usr/lib64/cmf/agent/build/env/lib/python2.6/site-packages/M2Crypto-0.21.1-py2.6-linux-x86_64.egg/M2Crypto/SSL/Connection.py", line 178, in connect_ssl
return m2.ssl_connect(self.ssl)
SSLError: unknown group

 

 

1 ACCEPTED SOLUTION

Accepted Solutions

Re: TLS cloudera manager

Super Guru

Hello,

 

The "unknown group" error is usually caused by an older package of OpenSSL being installed on your hosts.

Run rpm -qa openssl

If you see a version like this: openssl-1.0.1e-15.el6 then upgrade your openssl to a later package, restart the agent, then try again.

 

Regards,

 

Ben

2 REPLIES 2

Re: TLS cloudera manager

Super Guru

Hello,

 

The "unknown group" error is usually caused by an older package of OpenSSL being installed on your hosts.

Run rpm -qa openssl

If you see a version like this: openssl-1.0.1e-15.el6 then upgrade your openssl to a later package, restart the agent, then try again.

 

Regards,

 

Ben

Re: TLS cloudera manager

New Contributor

Thanks Team

 

Yes, the issue was due to older version of ssl, had fixed this issues last.

Thanks for the details shared.

 

 

thank you

Kashi

Don't have an account?
Coming from Hortonworks? Activate your account here