Ask Your Question
1

SSL Handshake fails on instances [closed]

asked 2013-09-27 05:00:03 -0500

wink gravatar image

updated 2013-09-27 07:24:57 -0500

Hello, I've got a fresh grizzly setup and on my instances, I can't connect to some websites via SSL.

This is my test url:

wget --debug --no-check-certificate https://raw.github.com/pypa/pip/master/contrib/get-pip.py

It works perfectly on the controller/network node, or on the compute node, so it's basically reachable.

On an instance though, wget hangs at "Initiating SSL handshake" indefinitely. We first suspected it to be the fastly SSL certificate, as fetching from PyPI also didn't work, but that would not explain it working from the host. (Both Ubunut 12.04.3).

Fetching stuff via SSL from other hosts works as well, so it's probably not a broken libssl either.

Could it be something with iptables?

// EDIT: Removed tcpdump output to improve readability.

edit retag flag offensive reopen merge delete

Closed for the following reason duplicate question by smaffulli
close date 2014-09-08 15:56:22.149117

1 answer

Sort by ยป oldest newest most voted
0

answered 2013-09-27 07:24:13 -0500

wink gravatar image

updated 2013-09-27 07:25:31 -0500

So apparently the MTU is the solution, as seen in this post: https://ask.openstack.org/en/question/1993/ssl-traffic-from-network-node-to-vm/

I had originally tried to lower the MTU already, but not to 1400.

What's really fascinating is that it worked for some hosts and no for others.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

2 followers

Stats

Asked: 2013-09-27 05:00:03 -0500

Seen: 1,593 times

Last updated: Sep 27 '13