I deployed CloudFoundry on top of vSphere using BOSH (full BOSH with CF manifest file) with attribute srv_api_uri: http://api.cf.epam.by
When I trying to login into my CloudFoundry instance I got error
vmc login
target: http://api.cf.epam.by
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
For more information, see ~/.vmc/crash
result of vmc login -t is
target: http://api.cf.epam.by
>>>
REQUEST: GET /info
REQUEST_HEADERS:
accept : application/json
user-agent : Ruby
content-length : 0
RESPONSE: [200]
RESPONSE_HEADERS:
date : Fri, 04 Jan 2013 09:51:24 GMT
server : nginx
content-type : application/json; charset=utf-8
etag : "35acd28a7b24338237a8a1025d78f6ca"
cache-control : max-age=0, private, must-revalidate
x-ua-compatible : IE=Edge,chrome=1
transfer-encoding : chunked
{
"name": "vcap",
"build": 2222,
"support": "http://support.cloudfoundry.com",
"version": "0.999",
"description": "VMware's Cloud Application Platform",
"allow_debug": false,
"frameworks": {
"sinatra": {
"name": "sinatra",
"runtimes": [
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
}
],
"detection": [
{
"*.rb": "\\s*require[\\s\\(]*['\"]sinatra(/base)?['\"]"
},
{
"config/environment.rb": false
}
]
},
"play": {
"name": "play",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"lib/play.*.jar": true
}
]
},
"standalone": {
"name": "standalone",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
},
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
},
{
"name": "node",
"version": "0.4.12",
"description": "Node.js"
},
{
"name": "node06",
"version": "0.6.8",
"description": "Node.js"
},
{
"name": "node08",
"version": "0.8.2",
"description": "Node.js"
}
],
"detection": [ ]
},
"rack": {
"name": "rack",
"runtimes": [
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
}
],
"detection": [
{
"config.ru": true
},
{
"config/environment.rb": false
}
]
},
"node": {
"name": "node",
"runtimes": [
{
"name": "node",
"version": "0.4.12",
"description": "Node.js"
},
{
"name": "node06",
"version": "0.6.8",
"description": "Node.js"
},
{
"name": "node08",
"version": "0.8.2",
"description": "Node.js"
}
],
"detection": [
{
"*.js": "."
}
]
},
"spring": {
"name": "spring",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
},
"lift": {
"name": "lift",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
},
"rails3": {
"name": "rails3",
"runtimes": [
{
"name": "ruby18",
"version": "1.8.7p357",
"description": "Ruby 1.8"
},
{
"name": "ruby19",
"version": "1.9.2p180",
"description": "Ruby 1.9"
}
],
"detection": [
{
"config/application.rb": true
},
{
"config/environment.rb": true
}
]
},
"java_web": {
"name": "java_web",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
},
"grails": {
"name": "grails",
"runtimes": [
{
"name": "java",
"version": "1.6.0_24",
"description": "Java 6"
},
{
"name": "java7",
"version": "1.7.0_04",
"description": "Java 7"
}
],
"detection": [
{
"*.war": true
}
]
}
},
"authorization_endpoint": "https://uaa.cf.epam.by"
}
<<<
>>>
REQUEST: GET /login
REQUEST_HEADERS:
accept : application/json
user-agent : Ruby
content-length : 0
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: unknown protocol
For more information, see ~/.vmc/crash
Why it's trying to use SSL?
Why "authorization_endpoint": "https://uaa.cf.epam.by" used https rather http? ( http://uaa.cf.epam.by is available but not a https://uaa.cf.epam.by)
P.S. I open such discussion at Google Groups https://groups.google.com/a/cloudfoundry.org/forum/#!topic/vcap-dev/OAZcsFiZ3LA%5B1-25-false%5D but on this moment I have nothing. Can somebody help me to figure out what is wrong?
The current cf-release jobs have cloud_controller.yml.erb with a hard-coded https URL for the UAA. This is definitely mandatory in production, but I can see why you might want to change it in a dev environment. There are other places where the protocol is configured or guessed, e.g. in login.yml.erb:
<% if !properties.login || !properties.login.uaa_base
# Fix this to https when SSL certs are working in dev and staging
protocol = (properties.login && properties.login.protocol) ? properties.login.protocol : "http"
uaa_base = "#{protocol}://uaa.#{properties.domain}"
else
uaa_base = properties.login.uaa_base
end %>
You could modify the cloud_controller.yml.erb to do something similar and re-deploy.