Question

HTTP transfer error: SSL connect error.


Badge +2

ERROR |HTTPCaller (HTTPFactory): [1]: HTTP transfer error: SSL connect error.

When I run a ws with a http-caller on a Remote desktop (and FME-server) I get the fault.

When I run the same ws with a http-caller local it runs well (but very slow).

There is no firewall issue running on the remote desktop and running on the fme-server.

 

Why do I get this error? and why is the same workspace running well lacally?

Are there steps I can take to locate and solve this fault/message.


6 replies

Badge +10

Hi @perry​ ,

 

I would recommend changing your logging level in FME Workbench to include debug (Tools --> FME Options --> Translation --> Log Message Filter --> Log Debug) and then publishing the workspace to FME Server. The enhanced logging will remain and normally you get more detail on the SSL error. Additionally, I would confirm that desktop and FME Server are the exact same build, and that no proxy differences play into either FME Desktop or FME Server configuration.

Badge +7

Hi @richardatsafe​ ,

We are getting simiral error here. With HTTPCaller we try to trigger automation over webhook URL from FME Server. In FME Desktop HTTPCaller (with webhook automation) runs perfectly fine, however when we publish Workspace on FME Server as JobSubmitter, HTTPCaller shows following error:

730	2023-4-10 18:55:26 | HTTPCaller (HTTPFactory): [1]: HTTP transfer error: SSL peer certificate or SSH remote key was not OK
731 2023-4-10 18:55:26 | HTTPCaller (HTTPFactory): [1]: Please ensure that your network connection is properly set up
732 2023-4-10 18:55:26 | HTTPCaller (HTTPFactory): [1]: No proxy settings have been entered. If you require a proxy to access external URLs, please ensure the appropriate information has been entered
733 2023-4-10 18:55:26 | HTTPCaller (HTTPFactory): An error occurred while accessing the URL 'https://SERVER_URL/fmerest/v3/automations/workflows/8eacfac5-dbee-4a6b-9527-7008857ea3ec/token/message'
734 2023-4-10 18:55:26 | The below feature caused the translation to be terminated
1072 2023-4-10 18:55:26 | HTTPCaller_<Rejected> (TeeFactory): HTTPCaller_<Rejected>: Termination Message: 'HTTPCaller output a <Rejected> feature. To continue translation when features are rejected, change 'Workspace Parameters' > Translation > 'Rejected Feature Handling' to 'Continue Translation''
1073 2023-4-10 18:55:26 | HTTPCaller_<Rejected> (TeeFactory): (foundation/funcs/cmabort.cpp:130) virtual StatusInfo* STFAbortCmd::execute(STFFeature&, const FMEVariantList&, FMEVariant&)
1074 2023-4-10 18:55:26 | HTTPCaller_<Rejected> (TeeFactory): (foundation/framework/engine/cpathcommandinfo.cpp:99) StatusInfo* CPathCommandInfo::executeCommand(STFFeature&, CMD_ValuePassDict&)
1075 2023-4-10 18:55:26 | HTTPCaller_<Rejected> (TeeFactory): (foundation/framework/engine/stfspec.cpp:1079) StatusInfo* STFSpec::doForwardFuncsOnFeature(STFFeature&)
1076 2023-4-10 18:55:26 | HTTPCaller_<Rejected> (TeeFactory): (foundation/framework/engine/stfspec.h:263) StatusInfo* STFSpec::doForwardFuncsOnFeatureAndProcess(STFFeature*&, const ProcessFunc&) [with ProcessFunc = STFFactory::CompleteFunctor]
1077 2023-4-10 18:55:26 | HTTPCaller_<Rejected> (TeeFactory): (foundation/factories/factory.cpp:510) virtual StatusInfo* STFFactory::acceptFeature(STFFeature*&)
1078 2023-4-10 18:55:26 | BADNEWS: An error has occurred. Check the logfile above for details
1079 2023-4-10 18:55:26 | (foundation/pluginbuilder/pluginbuilder_cpp/dynafact.cpp:259) virtual StatusInfo* STFDynamicFactory::doneAllGroups()

I believe, we don't need to set up proxy configuration, since we don't use proxy server (https://docs.safe.com/fme/html/FME_Server_Documentation/WebUI/Proxy.htm)...

Just logs with foundation, STFDynamicFactory, etc confuses me, since we cannot find anything online...

Do you have any suggestions on this issue?

Badge +2

On our RD we use Ivanti. This was the reason my ETL was bloked running on the RD. After ajusting the rules of Ivanti it will run fine on the RD. Maybe this can help you?

Badge +7

Thanks @perry​ 

We don't access to the server over RD. FME Server is hosted on Linux (ubuntu 20.04) and we access to it using SSH Client.

I think something should be configured on FME Server (or Ubuntu 20.04 or both) itself, but the error confuses us, since nothing can be found online...

Badge +10

Hi @dejan11​ ,

 

This error can be generic and indicate that FME Server does not have internet access to the enpoint, which looks to be the same FME Server that it's called from in your case. Can you confirm that this machine can resolve its own DNS name? Using localhost as the host in the HTTPCaller may also be a good test to confirm is not a DNS issue.

 

Badge +7

Hi @dejan11​ ,

 

This error can be generic and indicate that FME Server does not have internet access to the enpoint, which looks to be the same FME Server that it's called from in your case. Can you confirm that this machine can resolve its own DNS name? Using localhost as the host in the HTTPCaller may also be a good test to confirm is not a DNS issue.

 

I would be honest, we have tried with localhost before, but now when you have mentioned we realized that we were not paying attention to the PORT, so we added PORT number in the url now.

With the following URL HTTPCaller on FMEServer worked : http://localhost:8080/fmerest/v3/automations/workflows/8eacfac5-dbee-4a6b-9527-7008857ea3ec/token/message

Thank you!

Reply