VMware Workspace ONE Community
Yasman
Contributor

Tunnel TLS handshake failed

Hello

We have a problem with connections in the Tunnel application. It seems to have something to do with a TLS handshake. I have been looking in the logs and see a possible link with the AddTrust expiry.

2020-06-17 07:39:01.611 140080029505280  INFO: i:cn=AddTrust External CA Root

2020-06-17 07:39:01.611 140080029505280  INFO: s:cn=AddTrust External CA Root

2020-06-17 07:39:01.611 140080029505280  WARN: SSL certificate preverify FAILED err=10 (certificate has expired)

2020-06-17 07:39:01.611 140080029505280  INFO: TCPSocket 7 bytes sent

2020-06-17 07:39:01.611 140080029505280 DEBUG: *10046 SSL_do_handshake returns -1

2020-06-17 07:39:01.611 140080029505280 ERROR: SSL Handshake with device returns -1 error=1 error:00000000:lib(0):func(0):reason(0)

Does anyone have a solution? We are using CentOS 7.

5 Replies
MHaagSoehner
Enthusiast

Hey Yasman,

I'd suggest migrating your CentOS Tunnel to the Unified Access Gateway. It's quick and easy to set up and might fix this issue.

Yasman
Contributor

Sorry, idk if that's the right solution now. We want to continue with Tunnel for now.

MHaagSoehner
Enthusiast

UAG is still using the Tunnel app; it's just a new access appliance. The Linux Tunnel is deprecated, iirc.

For more info see VMware | Docs.

Penfold72
Contributor

We occasionally have this issue on the Tunnel server... it seems that something on the server doesn't release the TCP sockets, so they run out. A reboot of the server usually resolves it.

We're now scheduling a monthly reboot of the server before we go to UAG later this year.

Yasman
Contributor

The problem is AddTrust External CA Root. It ran out on 30 May.

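One way to pull this failure out of a larger Tunnel log, as an added example (not part of the thread and not VMware code). It assumes the `s:`/`i:` lines logged just before a `preverify FAILED` line on the same thread name the certificate that failed, which is inferred from the excerpt in the first post; the function name and the second-thread sample line are constructed.

```python
import re

# Lines from the log excerpt in the first post, plus one constructed line
# for a second thread id to show that names are tracked per thread.
SAMPLE_LOG = """\
2020-06-17 07:39:01.611 140080029505280  INFO: i:cn=AddTrust External CA Root
2020-06-17 07:39:01.611 140080029505280  INFO: s:cn=AddTrust External CA Root
2020-06-17 07:39:01.611 140080029999999  INFO: s:cn=constructed.example.test
2020-06-17 07:39:01.611 140080029505280  WARN: SSL certificate preverify FAILED err=10 (certificate has expired)
2020-06-17 07:39:01.611 140080029505280  INFO: TCPSocket 7 bytes sent
2020-06-17 07:39:01.611 140080029505280 DEBUG: *10046 SSL_do_handshake returns -1
2020-06-17 07:39:01.611 140080029505280 ERROR: SSL Handshake with device returns -1 error=1 error:00000000:lib(0):func(0):reason(0)
"""

LINE = re.compile(r"^(\S+ \S+)\s+(\d+)\s+([A-Z]+):\s*(.*)$")  # time, thread, level, msg
NAME = re.compile(r"^([si]):cn=(.+)$")                         # subject / issuer CN
PREVERIFY = re.compile(r"preverify FAILED err=(\d+) \((.+)\)")

def find_verify_failures(text):
    """Return one dict per preverify failure, tied to the thread that logged it."""
    last = {}       # thread id -> {"s": subject CN, "i": issuer CN}
    findings = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, tid, level, msg = m.groups()
        names = last.setdefault(tid, {})
        if (n := NAME.match(msg)):
            names[n.group(1)] = n.group(2)
        elif (p := PREVERIFY.search(msg)):
            subj, iss = names.get("s"), names.get("i")
            findings.append({
                "time": ts, "thread": tid, "subject": subj, "issuer": iss,
                "err": int(p.group(1)), "reason": p.group(2),
                # Assumption: subject == issuer means the failing cert is a root.
                "is_root": subj is not None and subj == iss,
                "handshake_failed": False,
            })
        elif level == "ERROR" and "SSL Handshake" in msg and "returns -1" in msg:
            # Mark the most recent verify failure on the same thread.
            for f in reversed(findings):
                if f["thread"] == tid:
                    f["handshake_failed"] = True
                    break
    return findings

if __name__ == "__main__":
    for finding in find_verify_failures(SAMPLE_LOG):
        print(finding)
```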