Go-Agent SSL Exception

240 views
Skip to first unread message

Alexandros Kotzias

unread,
Dec 24, 2015, 9:24:55 AM12/24/15
to go-cd

I am trying to setup a go-agent (I already have 2 others running and connected to the server). When I start the service I see the following error in go-agent.log:

2015-12-24 14:00:53,582 [loopThread] ERROR go.agent.service.AgentUpgradeService:64 - [Agent Upgrade] 
Couldn't connect to: https://test.de:8154/go/admin/latest-agent.status: javax.net.ssl.SSLH
andshakeException: Remote host closed connection during handshake
2015-12-24 14:00:53,582 [loopThread] ERROR thoughtworks.go.agent.AgentController:145 - [Agent Loop] E
rror occurred during loop: 
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:965)

PS. I don't have access to the server, so I cannot look at any logs there.



rjoh...@iwsinc.com

unread,
Dec 28, 2015, 10:57:28 AM12/28/15
to go-cd
Hi all,


On Thursday, December 24, 2015 at 6:24:55 AM UTC-8, Alexandros Kotzias wrote:
2015-12-24 14:00:53,582 [loopThread] ERROR go.agent.service.AgentUpgradeService:64 - [Agent Upgrade] 
Couldn't connect to: https://test.de:8154/go/admin/latest-agent.status: javax.net.ssl.SSLH
andshakeException: Remote host closed connection during handshake


I too have had issues with agents resolving from dns identification.  So far I've only been able to do it with actual IP addresses. There might be a trick to the dns thing that we haven't learned yet.  Do yours connect with http instead of https? Do they connect with 192.168... style IP addressing?
--
Richard Johnson
rjoh...@iwsinc.com

Fredrik Wendt

unread,
Dec 29, 2015, 2:49:40 AM12/29/15
to go...@googlegroups.com
I would guess that this is because you have incompatible TLS/SSL chiphers setup. You can get into this mess if you're using different versions of Java runtime environments on the agent and server. Could you please look in the gocd server's log and see if you find "matching" error entries there? (/var/log/go-server/*.log on Linux)

/ Fredrik


The information contained in this transmission contains potentially privileged, export controlled and/or confidential information of Imageware Systems, Inc. or its customers or partners.  It is intended only to be read by the person(s) named above and for no other purpose.  You are hereby notified that any dissemination, distribution, duplication of this communication or use of its contents for any purpose not authorized expressly by Imageware Systems, Inc. is strictly prohibited and could lead to both civil and/or criminal penalties.  If you are not the intended recipient, you are prohibited to review the contents herein and please contact the sender by reply e-mail and destroy all copies of the original message.  To reply to our e-mail administrator directly, please send an e-mail to email...@iwsinc.com

--
You received this message because you are subscribed to the Google Groups "go-cd" group.
To unsubscribe from this group and stop receiving emails from it, send an email to go-cd+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.



--
+46 702 778511

Greg O'Lone

unread,
Jan 10, 2016, 8:16:23 AM1/10/16
to go-cd
We ran into this issue recently when trying to update to our newest certificate (we use our corporate certificate because of the inherent issues with a self-signed cert). As soon as the cert was upgraded, the agents couldn't connect and everything ground to a halt. The only solution that we've found so far was to reinstall the old certificate... But we're still trying.

tarba...@gmail.com

unread,
Jan 11, 2016, 9:37:01 AM1/11/16
to go-cd
Hi, Greg --

Did you update the agent trust stores so that the server cert will be trusted? (The agent t/s will be at /var/lib/go-agent/config/trust.jks by default.)

-J

Santhosh Basavaraju

unread,
Feb 4, 2016, 12:28:57 PM2/4/16
to go-cd

Try to use the same "JRE" version being used on the "server" on agent and this problem shud be solved.

mynkow

unread,
Jul 8, 2017, 4:03:02 PM7/8/17
to go-cd
I am in this situation after upgrading to 17.7

I regret, a lot.

Greg O'Lone

unread,
Jul 8, 2017, 4:32:48 PM7/8/17
to go...@googlegroups.com
Our problem was that the new version installed a newer version of Java and the config for JAVA_HOME pointed to the wrong place. 

Greg O'Lone
Xojo, Inc
--
You received this message because you are subscribed to a topic in the Google Groups "go-cd" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/go-cd/pkQQmZeONmI/unsubscribe.
To unsubscribe from this group and all its topics, send an email to go-cd+un...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages