UBL Suddenly Failing Certificate not trusted

2022-10-04 14:21:07:  Web Forwarding Tunneler Thread: Waiting for connection...
2022-10-04 14:21:07:  Web Forwarding Tunneler Thread: 192.168.94.49 : Connection received!
2022-10-04 14:21:07:  >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
2022-10-04 14:21:07:  Exception Details
2022-10-04 14:21:07:  Win32Exception -- The certificate chain was issued by an authority that is not trusted.
2022-10-04 14:21:07:  Win32Exception.NativeErrorCode: -2146893019
2022-10-04 14:21:07:  ExternalException.ErrorCode: -2147467259 (Unspecified error)
2022-10-04 14:21:07:  Exception.Data: ( )
2022-10-04 14:21:07:  Exception.HResult: -2147467259
2022-10-04 14:21:07:    Exception.StackTrace: 
2022-10-04 14:21:07:      (null)
2022-10-04 14:21:07:  AuthenticationException -- Authentication failed, see inner exception.
2022-10-04 14:21:07:  Exception.TargetSite: Void Throw()
2022-10-04 14:21:07:  Exception.Data: ( )
2022-10-04 14:21:07:  Exception.Source: System.Private.CoreLib
2022-10-04 14:21:07:  Exception.HResult: -2146233087
2022-10-04 14:21:07:    Exception.StackTrace: 
2022-10-04 14:21:07:     at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.ProcessAuthentication(LazyAsyncResult lazyResult, CancellationToken cancellationToken)
2022-10-04 14:21:07:     at System.Net.Security.SslStream.AuthenticateAsServer(SslServerAuthenticationOptions sslServerAuthenticationOptions)
2022-10-04 14:21:07:     at Deadline.Net.SSLServerStreamEndpoint..ctor(String address, Int32 port, X509Certificate certificate, NetworkStream stream)
2022-10-04 14:21:07:     at Deadline.LicenseForwarder.LicenseForwarderWebForwarder.HandleRequest(Object clientObject)

Hello

Seems like you are trying to run Web Forwarding. Web forwarding is the functionality for machines which cannot reach internet themselves so they need to connect to License Forwarder to connect to the internet.

Do you use it?

When you get a chance I need below information:

  1. Which application’s UBL do you use?
  2. Are you using the UBL on AWS or on premise?
  3. If you are using UBL on AWS, are you using AWS Portal or running License forwarder manually on an EC2 instance?
  4. If not AWS where is it running and how is it connected with the render nodes
  5. If you need to use the Web Forwarding functionality did you create the certificates for it?

Ok, that’s weird, because I did turn on web forwarding briefly but then turned it off as part of debugging.

  1. Nuke
  2. On Premise (and it was working until today)
  1. A Windows Server Virtual machine on premise on the same L2 network. (And using RCS for the worker control)
  2. No, I don’t need web forwarding. I’m not sure why it’s still trying when I just turned it on and off for a minute to make sure it wasn’t.

I just restarted the web forwarder and it still is erroring with web forwarding. And licenses are still failing to be issued.

Ok rebooting all of the workers finally stopped those errors, but rendering still doesn’t work due to the original problem:

2022-10-04 18:06:55:  ::ffff:192.168.##.## has connected
2022-10-04 18:06:55:  License Forwarder - Received request to register Render-R5-04/::ffff:192.168.##.## for feature nuke.
2022-10-04 18:06:55:  License Forwarder Tunneler Thread for nuke ( 4101 ) : Initialized - listening on port 4101
2022-10-04 18:06:55:  Exception Details
2022-10-04 18:06:55:  SocketException -- An attempt was made to access a socket in a way forbidden by its access permissions.
2022-10-04 18:06:55:  SocketException.SocketErrorCode: AccessDenied (10013)
2022-10-04 18:06:55:  SocketException.ErrorCode: 10013 (An attempt was made to access a socket in a way forbidden by its access permissions.)
2022-10-04 18:06:55:  Win32Exception.NativeErrorCode: 10013
2022-10-04 18:06:55:  Exception.TargetSite: Void UpdateStatusAfterSocketErrorAndThrowException(System.Net.Sockets.SocketError, System.String)
2022-10-04 18:06:55:  Exception.Data: ( )
2022-10-04 18:06:55:  Exception.Source: System.Net.Sockets
2022-10-04 18:06:55:  Exception.HResult: -2147467259
2022-10-04 18:06:55:    Exception.StackTrace: 
2022-10-04 18:06:55:     at System.Net.Sockets.Socket.UpdateStatusAfterSocketErrorAndThrowException(SocketError error, String callerName)
2022-10-04 18:06:55:     at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
2022-10-04 18:06:55:     at System.Net.Sockets.Socket.Bind(EndPoint localEP)
2022-10-04 18:06:55:     at System.Net.Sockets.TcpListener.Start(Int32 backlog)
2022-10-04 18:06:55:     at System.Net.Sockets.TcpListener.Start()
2022-10-04 18:06:55:     at Deadline.Net.TCPTunnelThread.a(Object bhw)
2022-10-04 18:06:55:  License Forwarder Tunneler Thread for nuke ( 4101 ) : Exited ThreadMain(), cleaning up...
2022-10-04 18:06:55:  License Forwarder Tunneler Thread for nuke ( 6101 ) : Initialized - listening on port 6101
2022-10-04 18:06:55:  License Forwarder - Performing validation check since new tunneler threads have been started.
2022-10-04 18:06:56:  License Forwarder - Validation check completed.
2022-10-04 18:07:04:  ::ffff:192.168.##.## has connected
2022-10-04 18:07:04:  ::ffff:192.168.##.## has connected
2022-10-04 18:07:04:  License Forwarder - Received request to register Render-R5-02/::ffff:192.168.##.## for feature nuke.
2022-10-04 18:07:04:  License Forwarder - Received request to register Render-R5-01/::ffff:192.168.##.## for feature nuke.
2022-10-04 18:07:09:  ::ffff:192.168.##.## has connected
2022-10-04 18:07:09:  License Forwarder - Received request to register Render-R5-03/::ffff:192.168.##.## for feature nuke.
2022-10-04 18:07:14:  ::ffff:192.168.##.## has connected
2022-10-04 18:07:14:  License Forwarder - Received request to register Render-R5-05/::ffff:192.168.##.## for feature nuke.

No Firewall on. No Antivirus. Just one Hyper-V adapter.

Solved it. Someone unbeknownst to me had received and installed our new Nuke licenses to the server and didn’t change the port from the default nuke license port. So RLM and UBL were fighting each other for control over 4101.

Big feature request: please don’t use default ports for things with Deadline: 443, 4101 etc…

1 Like

Awesome. I’m glad you resolved it. I’m going to make a feature request for it but I wont be able to tell you the ETA on when will it get supported.

1 Like