![SWTB_logo_rgb_color_mode-wPadding-2000x961.png]](https://help.softwaretoolbox.com/hs-fs/hubfs/SWTB_General/Images/Press_Kit/SWTB_logo_rgb_color_mode-wPadding-2000x961.png?height=50&name=SWTB_logo_rgb_color_mode-wPadding-2000x961.png){kind=logo}
SSL Certificate Failure with DataHub Tunneling
I am using the latest version of the DataHub, and trying establish a Tunnel using SSL. The Status of my tunnel on my slave node is showing "SSL Failed". The DataHub event log shows the following sequence repeatedly:
[2015-10-07 07:26:16.855] I: Attempting outgoing secure slave connection to <TunnelMasterIP:Port>
[2015-10-07 07:26:16.857] I: Outgoing TCP connection KEEPALIVE socket option set: ON
[2015-10-07 07:26:16.865] E: SSL Certificate failure: 18: depth 0: self signed certificate: /C=CA/ST=Ontario/L=Georgetown/O=Cogent Real-Time Systems Inc./OU=Developers/CN=developers.cogentrts.com/emailAddress=support@cogent.ca
[2015-10-07 07:26:16.867] I: Outgoing slave connection to <TunnelMasterIP:Port> failedI am using the datahub.pem certificate, in the default directory, that came with the DataHub. How do I fix this?
This is actually expected behavior with any DataHub Build after 7.3.6 when not using a SSL certificate specifically generated for your machine. The default datahub.pem certificate is expired, and was generated for a different host; it does not supply trust - only encryption.
There are two options to resolve this issue and get the tunnel working:
- Disable the "Reject invalid certificate", and the "Reject host name mismatch" fields; found in the tunnel slave node settings.
- Use an external Certificate Authority (CA) to generate a SSL Certificate for the machine hosting your Tunnel Master node.