Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-4066

Perl client, C++ Server in cross test with SSL fails, tlsv1 alert unknown ca

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 0.10.0
    • Fix Version/s: None
    • Labels:
      None
    • Environment:

      Ubuntu 14.04 (gcc 4.6.4) Perl 5.18

      Description

      I re-enabled the two cpp-perl SSL based tests in make cross and they failed:

      cpp-perl binary framed-ip-ssl failure(255)
      cpp-perl binary buffered-ip-ssl failure(255)

      The cpp server complained that "tlsv1 alert unknown ca".

      Thu Feb 02 14:07:33 2017
      Executing: /home/jking/thrift/github/thrift/test/cpp/TestServer --protocol=binary --transport=buffered --ssl --port=41785
      Directory: /home/jking/thrift/github/thrift/test/cpp
      config:delay: 5
      config:timeout: 5
      ==========================================================================
      Starting "simple" server (buffered/binary) listen on: 41785
      Thrift: Thu Feb  2 14:07:33 2017 TConnectedClient died: SSL_accept: error code: 0
      Thrift: Thu Feb  2 14:07:33 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      Thrift: Thu Feb  2 14:07:33 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      Thrift: Thu Feb  2 14:07:34 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      Thrift: Thu Feb  2 14:07:35 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      Thrift: Thu Feb  2 14:07:35 2017 TConnectedClient died: SSL_accept: tlsv1 alert unknown ca
      
      Server process is successfully killed.
      ==========================================================================
      Process is killed.
      Test execution took 2.2 seconds.
      Thu Feb 02 14:07:35 2017
      

      The perl client simply said it could not connect:

      Thu Feb 02 14:07:35 2017
      Executing: perl -Igen-perl/ -I../../lib/perl/lib/ TestClient.pl --cert=../keys/client.pem --protocol=binary --transport=buffered --ssl --port=41785
      Directory: /home/jking/thrift/github/thrift/test/perl
      config:delay: 5
      config:timeout: 5
      ==========================================================================
      $VAR1 = bless( {
                       'message' => 'Thrift::SSLSocket: Could not connect to localhost:41785 ()',
                       'code' => 0
                     }, 'Thrift::TException' );
      ==========================================================================
      Return code: 255
      Test execution took 0.1 seconds.
      Thu Feb 02 14:07:35 2017
      

      Given both tests should be using the same certificate files, this is quite odd.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jking3 James E. King III
                Reporter:
                jking3 James E. King III
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: