Problem
After implementing certificates on the RES ONE Workspace Portable Relay Server for Linux the communication fails.As a result the RES ONE Workspace Agents or downstream RES ONE Workspace Portable Relay Servers are not visible in the RES ONE Workspace Console.
The following can be found in the log of the RES ONE Workspace Portable Relay Server (the interesting parts are highlighted):
2017-03-21 13:13:59:371481 - 0x00007f42459d4880 - Error - ClientConnectionManager - at void ClientConnectionManager::useConfiguredCertificate(const ConnectionSettings&) - File /etc/res/relayserver.crt Error Permission denied
2017-03-21 13:13:59:371791 - 0x00007f42459d4880 - Error - ClientConnectionManager - at void ClientConnectionManager::useConfiguredCertificate(const ConnectionSettings&) - Key File /etc/res/relayserver.key Error Permission denied
2017-03-21 13:14:22:771770 - 0x00007f42459d4880 - Error - SocketConnection - at SocketConnection::switchToSSL(boost::asio::ssl::context&, const string&, std::function<void(bool)>)::<lambda(const boost::system::error_code&)> - Error in Client TLS Handshake [172.24.0.161:48824]: no shared cipher
2017-03-21 13:14:27:797551 - 0x00007f42459d4880 - Error - SocketConnection - at SocketConnection::switchToSSL(boost::asio::ssl::context&, const string&, std::function<void(bool)>)::<lambda(const boost::system::error_code&)> - Error in Client TLS Handshake [172.24.0.161:48826]: no shared cipher
Cause
The service cannot read the certificate files.Solution
Change the owner of /etc/res/relayserver.crt and /etc/res/relayserver.key to the account that is used on the service.chown res-relayserver:res-relayserver /etc/res/relayserver.*
Comments