Project

General

Profile

Bug #14400

No Acess to GUI - SSL Handshake error

Added by Milian Reichardt over 4 years ago. Updated about 3 years ago.

Status:
Closed: Cannot reproduce
Priority:
Important
Assignee:
Suraj Ravichandran
Category:
Middleware
Target version:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:

CPU: AMD Phenom II X4 955 (Quad Core)
RAM: 12GB Non-ECC
Mainboard: MSI 770-C45
Drives: 3x 2TB WD Red in RAID Z1

ChangeLog Required:
No

Description

Hey,
my Server worked flawless until today. I can access all Plugins and Shares.
The WebGUI however gives me a "unexpected disconnect" error.
I can connect via SSH to the NAS. I already rebootet the Server two times and also restartet the GUI with:
Code (text):
service nginx restart
service django resart

No Errors in the output there.

In "/var/log/nginx-error.log" when I try to connect following error spams in the log:

2016/04/01 17:27:15 [crit] 9131#0: *2 SSL_shutdown() failed (SSL: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init) while SSL handshaking, client: 10.1.10.19, server: 10.1.10.47:443
2016/04/01 17:27:15 [crit] 9131#0: *4 SSL_shutdown() failed (SSL: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init) while SSL handshaking, client: 10.1.10.19, server: 10.1.10.47:443
2016/04/01 17:27:15 [crit] 9131#0: *5 SSL_shutdown() failed (SSL: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init) while SSL handshaking, client: 10.1.10.19, server: 10.1.10.47:443
2016/04/01 17:27:15 [crit] 9131#0: *6 SSL_shutdown() failed (SSL: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init) while SSL handshaking, client: 10.1.10.19, server: 10.1.10.47:443
2016/04/01 17:27:15 [crit] 9131#0: *7 SSL_shutdown() failed (SSL: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init) while SSL handshaking, client: 10.1.10.19, server: 10.1.10.47:443
2016/04/01 17:27:16 [crit] 9131#0: *9 SSL_shutdown() failed (SSL: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init) while SSL handshaking, client: 10.1.10.19, server: 10.1.10.47:443
2016/04/01 17:27:16 [crit] 9131#0: *10 SSL_shutdown() failed (SSL: error:140E0197:SSL routines:SSL_shutdown:shutdown while in init) while SSL handshaking, client: 10.1.10.19, server: 10.1.10.47:443

Dmesg and Messages dont show abnormal messages.

The access over HTTPS worked since Day 1 with a selfsigned Cert.

I already searched for this failure but couldn't find anything.

Build Version: FreeNAS-9.10-STABLE-201603252134

History

#1 Updated by Jordan Hubbard over 4 years ago

  • Category changed from 2 to 118
  • Assignee set to Suraj Ravichandran
  • Target version set to Unspecified

#2 Updated by Suraj Ravichandran over 4 years ago

  • Status changed from Unscreened to Screened

#3 Updated by Suraj Ravichandran over 4 years ago

  • Status changed from Screened to Closed: Cannot reproduce
  • Priority changed from No priority to Important

I have been using all sorts of self signed cert combinations on my freenas 9.10 system and never have I experienced such an issue before.

Thus, I am going to set to this to cannot reproduce.

However, I understand that you may currently be locked out of your box and thus am providing you with some instructions to execute over an ssh connection to the machine in order to revert to http mode so that atelast you can get to the GUI once again:

1. SSH into your system

2. Make a backup of your system database (for safety): 
cp /data/freenas-v1.db /data/freenas-v1.db.bak

3. Manually Set the GUI's protocol to 'http' in the database:
sqlite3 /data/freenas-v1.db "UPDATE system_settings SET stg_guiprotocol = 'http';" 

4. Ensure that the above step went through successfully by printing the value of stg_guiprotocol  from the database:
sqlite3 /data/freenas-v1.db "select stg_guiprotocol from system_settings;" 

5. Regenerate nginx config file and then restart nginx and django:
service ix-nginx onestart && service nginx restart && service django restart

At this point you can visit your freenas machine's ip in http (you may have to clear your browser's cache if it always remembers that address to be https).

Once in the machine try to first update to the latest stable build, then post the update make a new self signed CA and cert and retry. If the problem still persists you can comment back on this ticket or open a new one.

Thanks.

#4 Avatar?id=14398&size=24x24 Updated by Kris Moore about 3 years ago

  • Target version changed from Unspecified to N/A

Also available in: Atom PDF