Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Mark_C_Intel
Employee
1,796 Views

SSL Connection failed in tcp_connect on HP7800 using RCT provisioning

I am provisioning HP7800p systems using RCT. From 7800, RCT ran fine for sending hello packages and exit code 0. It is the SCS server side that showed the error log as below.

*2008-04-04 18:30:16,Cannot handle provisioning exception:

(0xCFFF06AC) SOAP Failure (23): getFullCoreVersion:

SSL_ERROR_SSLerror:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal

error - SSL connect failed in tcp_connect().,Error,,66A87859-E098-11DC-BBDA-0BAF9FDD001E,dc7800-clone.k12.ca.us,PROVISIONSERVER,3489596262,10*

But the same server setting, same client HECI/LMS drives, and same RCT binary worked for some of 7800 vPro clients. The BIOS and FW is factory default with AMT 3.0. Appreciate your help to identify the problem.

Mark

0 Kudos
4 Replies
Josh_Hilliker
Employee
154 Views

Hi Mark,

I have seen this error prior, here's what we discovered in the past. also based on the log below it looks like this is prior to provisioning, therefore I would check the name in the DHCP for Option # 15.

Soap Error 23

If Prior to provisioning -> validate Option 15 using the right CN.

If after provisioning --> Kerberos.

Let me know..

Josh H

Mark_C_Intel
Employee
154 Views

My understanding of DNS option 15 is more for the vPro client when it tries to contact provisionserver.<domainname> for provisioning. Since we are using RCT, the provisionserver.<domainname> handshaking is not needed any more. As now, we can see client.<domainname> properly. It also resolved the right IP. But for some reasons, SCS cannot connect to client based on IP as shown in the log. Is this still related to option 15?

I will try to get the entire log to show the actual message

tomorrow.

Mark

idata
Community Manager
154 Views

I received this same error and resolved it by correcting the DHCP option15 option to match the suffix of the provisioning certificate. The connection-specific DNS Suffix value that is displayed when using IPCONFIG /ALL can reveal a missing or incorrect Option 15 setting.

EGome10
Beginner
154 Views

I am also facing this issue for my Website. At first I can't understand What is an SSL certificate and how to install this. After reading about this on internet I get the proper ideas about it. There are different types of SSL which provide the best security to our website. I am looking for the proper guidance to fix this connection error.

Reply