SocketErrors with SSL enabled

donchev · December 13, 2018, 2:01pm

We are running a 3 Node ES cluster on Linux (4.1.1-hotfix1-1) with internal and external SSL enabled:

EVENTSTORE_USE_INTERNAL_SSL: “True”
EVENTSTORE_DISABLE_INSECURE_TCP: “True”
EVENTSTORE_INT_SECURE_TCP_PORT: “1112”
EVENTSTORE_EXT_SECURE_TCP_PORT: “1115”
EVENTSTORE_INT_TCP_PORT: “0”
EVENTSTORE_EXT_TCP_PORT: “0”

``

We are seeing a high number of logs containing lines such as:

TcpConnectionSsl::InitClientSocket(10.3.24.128:56802, L10.3.24.134:1115)
[00007,46,13:41:25.174] External TCP connection accepted: [Secure, 10.3.24.128:56802, L10.3.24.134:1115, {cd5319b5-0d21-4cfb-9c70-6aa49e639b83}].
[00007,21,13:41:30.175] [S10.3.24.128:56802, L10.3.24.134:1115]: Exception on EndAuthenticateAsServer.
The authentication or decryption has failed.
[00007,21,13:41:30.178] ES TcpConnectionSsl closed [13:41:30.178: N10.3.24.128:56802, L10.3.24.134:1115, {cd5319b5-0d21-4cfb-9c70-6aa49e639b83}]:Received bytes: 0, Sent bytes: 0
[00007,21,13:41:30.178] ES TcpConnectionSsl closed [13:41:30.178: N10.3.24.128:56802, L10.3.24.134:1115, {cd5319b5-0d21-4cfb-9c70-6aa49e639b83}]:Send calls: 0, callbacks: 0
[00007,21,13:41:30.178] ES TcpConnectionSsl closed [13:41:30.178: N10.3.24.128:56802, L10.3.24.134:1115, {cd5319b5-0d21-4cfb-9c70-6aa49e639b83}]:Receive calls: 0, callbacks: 0
[00007,21,13:41:30.178] ES TcpConnectionSsl closed [13:41:30.179: N10.3.24.128:56802, L10.3.24.134:1115, {cd5319b5-0d21-4cfb-9c70-6aa49e639b83}]:Close reason: [SocketError] The authentication or decryption has failed.
[00007,21,13:41:30.178] Connection ‘external-secure’ [10.3.24.128:56802, {cd5319b5-0d21-4cfb-9c70-6aa49e639b83}] closed: SocketError.
[00007,13,13:41:30.178] Lost connection from 10.3.24.128:56802

``

The clients (NodeJS & ESJ) are configured with "validateServer": "true" and connect via TCP to the ES and have the self-signed CA in their cert store.

From what I can see it seems the error comes from this function caught on the general Exception.

The strange thing is that this does not affect the applications (read / write / subscribe).

Does somebody experience something similar and know what is causing this?

Thanks.

BR.

B. Donchev