[SERVER-15364] Error connecting in SSL replica set (SSL routines:SSL_write:protocol is shutdown) Created: 23/Sep/14  Updated: 24/Sep/14  Resolved: 24/Sep/14

Status: Closed
Project: Core Server
Component/s: Networking
Affects Version/s: 2.6.1
Fix Version/s: None

Type: Bug Priority: Major - P3
Reporter: Dharshan Rangegowda Assignee: Unassigned
Resolution: Done Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Operating System: ALL
Participants:

 Description   

I have a three node replica set with SSL enabled. The third server is not able to connect to the other servers with the following error - SSL: error:140D00CF:SSL routines:SSL_write:protocol is shutdown. I have verified that the keyfile and certificate are both fine.

If I try to connect from the mongodb command line to the other servers in the replica set it works fine - so it doesn't appear to a networking issue. Full logs are below. I have a live repro if you are interested.

2014-09-23T21:38:03.452+0000 [initandlisten] MongoDB starting : pid=25105 port=27017 dbpath=/mongodb_data 64-bit host=atlgnax2z010.teknas.com
2014-09-23T21:38:03.453+0000 [initandlisten]
2014-09-23T21:38:03.453+0000 [initandlisten] ** WARNING: /proc/sys/vm/zone_reclaim_mode is 1
2014-09-23T21:38:03.453+0000 [initandlisten] **          We suggest setting it to 0
2014-09-23T21:38:03.453+0000 [initandlisten] **          http://www.kernel.org/doc/Documentation/sysctl/vm.txt
2014-09-23T21:38:03.453+0000 [initandlisten] db version v2.6.1
2014-09-23T21:38:03.453+0000 [initandlisten] git version: 4b95b086d2374bdcfcdf2249272fb552c9c726e8
2014-09-23T21:38:03.453+0000 [initandlisten] OpenSSL version: OpenSSL 1.0.1e-fips 11 Feb 2013
2014-09-23T21:38:03.453+0000 [initandlisten] build info: Linux SG-mongo261build-2712 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 BOOST_LIB_VERSION=1_49
2014-09-23T21:38:03.453+0000 [initandlisten] allocator: tcmalloc
2014-09-23T21:38:03.453+0000 [initandlisten] options: { config: "/etc/mongod.conf", net: { ssl: { PEMKeyFile: "/etc/ssl/mongodb.pem", mode: "requireSSL" } }, processManagement: { fork: true, pidFilePath: "/var/run/mongodb/mongod.pid" }, replication: { replSet: "RS-Teknas-0" }, security: { authorization: "enabled", keyFile: "/var/lib/mongo/rskey" }, storage: { dbPath: "/mongodb_data" }, systemLog: { destination: "file", logAppend: true, path: "/var/log/mongodb/mongod.log" } }
2014-09-23T21:38:03.481+0000 [initandlisten] exception in initAndListen: 10310 Unable to lock file: /mongodb_data/mongod.lock. Is a mongod instance already running?, terminating
2014-09-23T21:38:03.481+0000 [initandlisten] dbexit:
2014-09-23T21:38:03.481+0000 [initandlisten] shutdown: going to close listening sockets...
2014-09-23T21:38:03.481+0000 [initandlisten] shutdown: going to flush diaglog...
2014-09-23T21:38:03.481+0000 [initandlisten] shutdown: going to close sockets...
2014-09-23T21:38:03.481+0000 [initandlisten] shutdown: waiting for fs preallocator...
2014-09-23T21:38:03.481+0000 [initandlisten] shutdown: lock for final commit...
2014-09-23T21:38:03.481+0000 [initandlisten] shutdown: final commit...
2014-09-23T21:38:03.481+0000 [initandlisten] shutdown: closing all files...
2014-09-23T21:38:03.481+0000 [initandlisten] closeAllFiles() finished
2014-09-23T21:38:03.481+0000 [initandlisten] dbexit: really exiting now
2014-09-23T21:38:03.620+0000 [rsStart] replSet REMOVED
2014-09-23T21:38:03.620+0000 [rsStart] replSet info self not present in the repl set configuration:
2014-09-23T21:38:03.620+0000 [conn4] end connection 54.236.119.235:42213 (1 connection now open)
2014-09-23T21:38:03.620+0000 [conn2] end connection 54.236.119.236:49729 (1 connection now open)
2014-09-23T21:38:03.620+0000 [rsStart] { _id: "RS-Teknas-0", version: 1, members: [ { _id: 0, host: "SG-Teknas-3431.servers.mongodirector.com:27017" }, { _id: 1, host: "SG-Teknas-3432.servers.mongodirector.com:27017" }, { _id: 5, host: "SG-Teknas-3436.servers.mongodirector.com:27017" } ] }
2014-09-23T21:38:03.620+0000 [rsStart] trying to contact SG-Teknas-3431.servers.mongodirector.com:27017
2014-09-23T21:38:03.620+0000 [rsStart] ERROR: SSL: error:140D00CF:SSL routines:SSL_write:protocol is shutdown
2014-09-23T21:38:03.621+0000 [rsStart] trying to contact SG-Teknas-3432.servers.mongodirector.com:27017
2014-09-23T21:38:04.440+0000 [initandlisten] connection accepted from 54.236.119.236:49730 #5 (1 connection now open)



 Comments   
Comment by Ramon Fernandez Marina [ 24/Sep/14 ]

Understood, thanks for letting us know dharshanr@scalegrid.net.

Comment by Dharshan Rangegowda [ 24/Sep/14 ]

Please resolve. This appears to be a network routing issue.

Generated at Thu Feb 08 03:37:48 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.