AnsweredAssumed Answered

Tunnel Status Error

Question asked by San_Mr on Feb 20, 2019
Latest reply on Feb 26, 2019 by Yu_Ishitani

Hello Good Day!

 

We started seeing this error "SSL coonnection to XX.XX.XX.XX/48003 failed. Please check the server log for more information! Reason: Certificate verfiy failed" in tunnel status. We tried to reissue and recreated the tunnel but no luck. Telnet to tunnel port 48003 shows connected. Has anyone come across this issue? Kindly let us know on how to fix.

Log from hub where tunnel client is configured

 

Feb 19 20:41:14:077 [11204] hub: SSL handshake start from XX.XX.XX/48003: before/connect initialization
Feb 19 20:41:14:077 [11204] hub: SSL state (connect): before/connect initialization
Feb 19 20:41:14:077 [11204] hub: SSL state (connect): SSLv3 write client hello A
Feb 19 20:41:14:140 [11204] hub: SSL state (connect): SSLv3 read server hello A
Feb 19 20:41:14:140 [11204] hub: SSL error with certificate at depth 1 error: certificate has expired (10)
Feb 19 20:41:14:140 [11204] hub: issuer = /C=UN/ST=United States/L=United States/O=ACS/OU=ACS/emailAddress=XX.XX.XX.com/CN=Tunnel CA - XX.XX.XX
Feb 19 20:41:14:140 [11204] hub: subject = /C=UN/ST=United States/L=United States/O=ACS/OU=ACS/emailAddress=XX.XX.XX.com/CN=Tunnel CA - XX.XX.XX
Feb 19 20:41:14:140 [11204] hub: SSL alert (write): fatal: certificate expired
Feb 19 20:41:14:140 [11204] hub: ssl_connect - SSL_connect error (1) on new SSL connection XX.XX.XX/48003
Feb 19 20:41:14:140 [11204] hub: SSL_connect error occured
Feb 19 20:41:14:140 [11204] hub: [1] error:0x14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Feb 19 20:41:14:140 [11204] hub: TSESS could not connect to tunnel XX.XX.XX/48003 (336134278)
Feb 19 20:41:14:140 [11204] hub: CTRL connection error: certificate verify failed (134)
Feb 19 20:41:14:140 [11204] hub: CTRL could not connect to server XX.XX.XX/48003
Feb 19 20:41:14:140 [11204] hub: internal alarm - Connection error. SSL connection to (XX.XX.XX) failed. Reason: certificate verify failed, 5, XX.XX.XX
Feb 19 20:41:14:140 [11204] hub: LOCK(sessctrl_thread:remove NIMSESS)
Feb 19 20:41:14:140 [11204] hub: UNLOCK(sessctrl_thread:remove NIMSESS)
Feb 19 20:41:14:140 [11204] hub: CTRL is waiting for 0 TSESS to terminate
Feb 19 20:41:14:140 [11204] hub: LOCK(sessctrl_stop_sessions: remove sessions)
Feb 19 20:41:14:140 [11204] hub: UNLOCK(sessctrl_stop_sessions: remove sessions)
Feb 19 20:41:14:140 [11204] hub: CTRL waited 0 seconds for 0 TSESS to terminate
Feb 19 20:41:14:140 [11204] hub: CTRL N/A is terminating with exit code 1

 

Thanks in advance!!

Outcomes