微信公众号搜"智元新知"关注
微信扫一扫可直接关注哦!

puppet 代理请求错误:SSL_connect SYSCALL 返回=5 errno=0 state=SSLv3/TLS write client hello

分类:编程问答

如何解决puppet 代理请求错误:SSL_connect SYSCALL 返回=5 errno=0 state=SSLv3/TLS write client hello

我在 gcp(谷歌云计算)VM 上创建了一个新的 puppetserver(6.19),但由于 SSL 错误,我无法将代理 (6.19) 连接到 puppetserver:

Error: Request to https://[server name]:8140/puppet-ca/v1/certificate/ca Failed after 17.391 seconds: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3/TLS write client hello
Error: Could not run: Request to https://[server-name]:8140/puppet-ca/v1/certificate/ca Failed after 17.391 seconds: SSL_connect SYSCALL returned=5 errno=0 state=SSLv3/TLS write client hello

我个人笔记本电脑上的另一个 puppetserver 安装工作正常(使用相同的代理)。

顺便说一句,尝试 openssl 命令返回错误: 命令:

sudo openssl s_client -connect <server name>:8140 --servername harel-rp --showcerts

回复

CONNECTED(00000003)
depth=0 CN = <server name>
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = <server name>
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:CN = <server name>
   i:CN = Puppet CA: <server name>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
---
Server certificate
subject=CN = <server name>

issuer=CN = Puppet CA: <server name>

---
Acceptable client certificate CA names
CN = Puppet CA: <server name>
Client Certificate Types: ECDSA sign,RSA sign,DSA sign
Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:DSA+SHA256:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Shared Requested Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:DSA+SHA256:ECDSA+SHA224:RSA+SHA224:DSA+SHA224
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: DH,2048 bits
---
SSL handshake has read 2967 bytes and written 670 bytes
Verification error: unable to verify the first certificate
---
New,TLSv1.2,Cipher is DHE-RSA-AES128-SHA256
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES128-SHA256
    Session-ID: 17DE7CA80C37F35923EB46646F340794429681FF15C1C8E784C3895016D1D0FE
    Session-ID-ctx:
    Master-Key: 93683CB5C33D7C0053FE3728FB8D89F4E9C02E1AB0AF47605E6C99D9E76FA60F40CA97DE1D5B2745F030F73AF9929F25
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1609315092
    Timeout   : 7200 (sec)
    Verify return code: 21 (unable to verify the first certificate)
    Extended master secret: yes
---
closed

请帮忙 - 搜索网络没有帮助

谢谢, 哈雷尔

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。

苹果市值2025年有望达4万亿美元
pythonJavaScriptjavaHTMLPHPreactjsC#AndroidCSSNode.jssqlrpython-3.xMysqLjQueryc++pandasFlutterangularIOSdjangolinuxswifttypescript路由器JSON路由器设置无线路由器h3c华三华三路由器设置华三路由器电脑软件教程arraysdocker软件图文教程Cvue.jslaravelspring-boot