"Could not verify connection" error on HTTPS mode connection

We were using unencrypted/HTTP connection between mode-bridge and presto cluster (behind ELB) and queries are working.

Now we enabled HTTPS listener on our presto proxy ELB and verified with presto-jdbc based query tool that submit query to the ELB through SSL works fine. We created a new connections with encryption turn on to the HTTPS port 8443 on the ELB. However save changes of this setting failed with "Could not verify connection: We're having trouble verifying your connection. "

From our logs, the underneath query successfully reached presto coordinator and executed. The nextUrl field in the presto reply appear to be correct (see below). One thing we noticed is the bridge-server port is 8443 instead of a random one as observed in other HTTP query cases.

What might be wrong and how to fix it?

{

    "lvlname": "DEBUG",

    "lvlno": "10",

    "msg": "{

      "id":"20181128_230633_00694_6qjq2",

      "infoUri":"https://bridge-server-08d7eef4d1ba59480.production.mode-aws-internal:8443/ui/query.html?20181128_230633_00694_6qjq2",

      "nextUri":"https://bridge-server-08d7eef4d1ba59480.production.mode-aws-internal:8443/v1/statement/20181128_230633_00694_6qjq2/1",

      "stats":{

        "state":"QUEUED",

        "queued":true,

        "scheduled":false,

        "nodes":0,

        "totalSplits":0,

        "queuedSplits":0,

        "runningSplits":0,

        "completedSplits":0,

        "cpuTimeMillis":0,

        "wallTimeMillis":0,

        "queuedTimeMillis":0,

        "elapsedTimeMillis":0,

        "processedRows":0,

        "processedBytes":0,

        "peakMemoryBytes":0}}",

    "name": "com.***.data.gateway.handler.QueryIdCachingProxyHandler",

    "ts": "2018-11-28T23:06:33.737Z"

}

3replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • The nextUri field for a random query through the HTTP connection is something like ""nextUri": "http://bridge-server-08d7eef4d1ba59480.production.mode-aws-internal:32601/v1/statement/20181128_231930_00702_6qjq2/1"," where the port is 32601 and changes across different queries. The nextUri port for HTTPS connection is however fixed at 8443, which happen to be the secure listener port on ELB. I wonder whether along the path bridge-server ==> mode-bridge ==> ELB ==> Presto, the original bridge-server port is lost.

    Reply Like
  • ELB access log indicates ""POST https://bridge-server-08d7eef4d1ba59480.production.mode-aws-internal:8443/v1/statement HTTP/1.1" "Presto JDBC Driver/0.181" ECDHE-RSA-AES128-GCM-SHA256 T    LSv1.2" from mode-bridge

    Reply Like
  • Hey Daniel, have you tried the steps outlined in the Bridge Troubleshooting Guide?

    If those don't work for you, go ahead and write into in-product chat and we'll help you debug this further. Thanks!

    Reply Like
Like Follow
  • 5 days agoLast active
  • 3Replies
  • 52Views
  • 2 Following

Create A New Discussion

Share your thoughts