Author Topic: cp_system_log problem  (Read 1464 times)

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4099
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
cp_system_log problem
« on: September 13, 2016, 03:17:18 PM »
So I have a system that I was scouring logs trying to figure out who set a remote forward on a phantom number, and in digging through the cp_system_log_(date).txt files, they are all full of the same message just repeated over and over, but no other data:

[2016-09-13 13:53:49 SSL]    SSL Error: (null)
[2016-09-13 13:53:49 CP Master SSL Socket] SSL negotiation failed
[2016-09-13 13:54:24 SSL] SSL_accept() failed - returned -1, error code 1
[2016-09-13 13:54:24 SSL]    SSL Error: (null)
[2016-09-13 13:54:24 CP Master SSL Socket] SSL negotiation failed
[2016-09-13 13:54:59 SSL] SSL_accept() failed - returned -1, error code 1
[2016-09-13 13:54:59 SSL]    SSL Error: (null)
[2016-09-13 13:54:59 CP Master SSL Socket] SSL negotiation failed
[2016-09-13 13:55:34 SSL] SSL_accept() failed - returned -1, error code 1

The SSL cert is not expired and seems to contain the correct data. Do I need to regenerate it or ???

Rel 6.0SP2


Offline DND ON

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 908
  • Country: us
  • Karma: +23/-0
    • View Profile
Re: cp_system_log problem
« Reply #1 on: September 13, 2016, 03:33:05 PM »
Any reason to not generate a new certificate? I've never seen this message.

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4099
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: cp_system_log problem
« Reply #2 on: September 13, 2016, 05:07:52 PM »
Any reason to not generate a new certificate? I've never seen this message.
No... I did already and restarted the webserver, no change.

Offline Tech Electronics

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2983
  • Country: us
  • Karma: +89/-1
    • View Profile
Re: cp_system_log problem
« Reply #3 on: September 13, 2016, 11:37:43 PM »
Acejavelin,

This might be more of a socket error than an actual SSL certification error from what I am reading.

Can you do a default of the phone system in question and see if it does it with a default DB and then reload the database back in if it is no longer doing it? Basically take the whole thing back to day 1 and see if the problem still exists. I wonder if the system was compromised from an external threat?

Just to let you know I have never seen that error before so my solution may be way off, but it is how I would try and start to solve it.

Thanks,

TE

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4099
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: cp_system_log problem
« Reply #4 on: September 14, 2016, 08:53:57 AM »
Acejavelin,

This might be more of a socket error than an actual SSL certification error from what I am reading.

Can you do a default of the phone system in question and see if it does it with a default DB and then reload the database back in if it is no longer doing it? Basically take the whole thing back to day 1 and see if the problem still exists. I wonder if the system was compromised from an external threat?

Just to let you know I have never seen that error before so my solution may be way off, but it is how I would try and start to solve it.

Thanks,

TE
Unfortunately I don't think that will be possible... this customer is 2 hours away, has let their software assurance go, and since they don't see a problem in day to day usage won't pay to troubleshoot it further. I did a backup and tested it and it was pretty much clean (a bunch of name issues with / in the name that the new DB test is throwing fits over, otherwise clean) and I can't open a ticket with Mitel so I guess it's just hang on to the database and see what happens for now. Maybe if one of the techs gets down there for a service call or something they can look at it.

And I don't think an external (public) threat is the issue, this system has no port forwarding from the outside world, the only way to get to it is locally or via a VPN connection to the customers network.
« Last Edit: September 14, 2016, 09:26:09 AM by acejavelin »


 

Sitemap 1 2 3 4 5 6 7 8 9 10