syncserver: ConnectionError due to bad handshake to BrowserID server at api.accounts.firefox.com

Hi,

my Firefox Sync Server instance stopped working yesterday evening. I updated my installation to the most recent version of the git master branch. make build and make test ran without problems.

When I try to initiate a sync from a client, the following shows up in the error log of the server:

[Thu Jan 04 11:34:57.307531 2018] [wsgi:error] [pid 12056] ERROR:tokenserver:Unexpected verification error
[Thu Jan 04 11:34:57.307700 2018] [wsgi:error] [pid 12056] Traceback (most recent call last):
[Thu Jan 04 11:34:57.307817 2018] [wsgi:error] [pid 12056]   File "/srv/software/mozilla-syncserver/local/lib/python2.7/site-packages/tokenserver/views.py", line 85, in valid_assertion
[Thu Jan 04 11:34:57.307830 2018] [wsgi:error] [pid 12056]     assertion = verifier.verify(assertion)
[Thu Jan 04 11:34:57.307837 2018] [wsgi:error] [pid 12056]   File "/srv/software/mozilla-syncserver/local/lib/python2.7/site-packages/tokenserver/verifiers.py", line 73, in verify
[Thu Jan 04 11:34:57.307845 2018] [wsgi:error] [pid 12056]     data = super(LocalVerifier, self).verify(assertion, audience)
[Thu Jan 04 11:34:57.307880 2018] [wsgi:error] [pid 12056]   File "/srv/software/mozilla-syncserver/local/lib/python2.7/site-packages/browserid/verifiers/local.py", line 96, in verify
[Thu Jan 04 11:34:57.307925 2018] [wsgi:error] [pid 12056]     cert = self.verify_certificate_chain(certificates, now=now)
[Thu Jan 04 11:34:57.307935 2018] [wsgi:error] [pid 12056]   File "/srv/software/mozilla-syncserver/local/lib/python2.7/site-packages/browserid/verifiers/local.py", line 135, in verify_certificate_chain
[Thu Jan 04 11:34:57.307989 2018] [wsgi:error] [pid 12056]     root_key = self.supportdocs.get_key(root_issuer)
[Thu Jan 04 11:34:57.307999 2018] [wsgi:error] [pid 12056]   File "/srv/software/mozilla-syncserver/local/lib/python2.7/site-packages/browserid/supportdoc.py", line 63, in get_key
[Thu Jan 04 11:34:57.308005 2018] [wsgi:error] [pid 12056]     supportdoc = self.get_support_document(hostname)
[Thu Jan 04 11:34:57.308011 2018] [wsgi:error] [pid 12056]   File "/srv/software/mozilla-syncserver/local/lib/python2.7/site-packages/browserid/supportdoc.py", line 58, in get_support_document
[Thu Jan 04 11:34:57.308016 2018] [wsgi:error] [pid 12056]     raise error
[Thu Jan 04 11:34:57.308022 2018] [wsgi:error] [pid 12056] ConnectionError: Failed to GET https://api.accounts.firefox.com/.well-known/browserid. Reason: ('bad handshake: SysCallError(0, None)',)

The TLS connection to api.accounts.firefox.com apparently can’t be established. I tried to connect to the URL manually from the server system and the TLS connection seems to work fine.

I have no idea how to further trace/debug this error and whether this is caused by my environment or by a bug in the Firefox Sync Server itself. Any help is appreciated.

Thank you in advance!

About this issue

  • State: closed
  • Created 6 years ago
  • Comments: 19 (6 by maintainers)

Most upvoted comments

This should now be fixed. Please let us know if there are still problems.

Hello everyone, our apologies for the trouble this is causing you.

This outage was caused by a combination of AWS restarting instances for Meltdown/Spectre patches, and the launch configuration specifying an AMI that no longer exists. I’m currently in the process of rebuilding the AMI and I’m hoping to have service restored today. I’ll update this bug when that’s done.

Seems that https://verifier.accounts.firefox.com/ has an issue:

$ curl -v https://verifier.accounts.firefox.com/
*   Trying 54.218.68.106...
* TCP_NODELAY set
* Connected to verifier.accounts.firefox.com (54.218.68.106) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: accounts.firefox.com
* Server certificate: DigiCert SHA2 Secure Server CA
* Server certificate: DigiCert Global Root CA
> GET / HTTP/1.1
> Host: verifier.accounts.firefox.com
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
< Content-Length: 0
< Connection: keep-alive
< 
* Connection #0 to host verifier.accounts.firefox.com left intact
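
The thread shows two different failure points: a TLS handshake that fails against api.accounts.firefox.com, and a handshake that succeeds but is answered with a 503 by verifier.accounts.firefox.com. The following staged probe is an added example, not part of the original thread or of the syncserver code; it reports which step (DNS, TCP, TLS, HTTP) fails first. It assumes Python 3.7+ and only the standard library; the function names `probe` and `classify_status` are made up for this example.

```python
import socket
import ssl


def classify_status(status_line):
    """Map an HTTP status line to ('ok' | 'http', status_line)."""
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[1].isdigit():
        return "http", "malformed status line: %r" % status_line
    return ("ok" if int(parts[1]) < 400 else "http"), status_line


def probe(host, port=443, path="/", timeout=5.0):
    """Return (stage, detail) for the first step that fails:
    'dns', 'tcp', 'tls' or 'http'; stage is 'ok' if none does."""
    try:
        addr = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)[0][4]
    except socket.gaierror as exc:
        return "dns", str(exc)
    try:
        raw = socket.create_connection(addr[:2], timeout=timeout)
    except OSError as exc:  # refused, unreachable, timed out
        return "tcp", "%s: %s" % (type(exc).__name__, exc)
    ctx = ssl.create_default_context()  # verifies chain and hostname
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except OSError as exc:  # ssl.SSLError, resets and EOF are OSError subclasses
        raw.close()
        return "tls", "%s: %s" % (type(exc).__name__, exc)
    with tls:
        req = "GET %s HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n" % (path, host)
        try:
            tls.sendall(req.encode("ascii"))
            status_line = tls.makefile("rb").readline().decode("latin-1").strip()
        except OSError as exc:
            return "http", "%s: %s" % (type(exc).__name__, exc)
    return classify_status(status_line)


if __name__ == "__main__":
    # Hosts and path are the ones quoted in this thread.
    for host, path in (("api.accounts.firefox.com", "/.well-known/browserid"),
                       ("verifier.accounts.firefox.com", "/")):
        print(host, probe(host, path=path))
```

Run it from the host that runs the sync server. It uses the standard-library ssl module, so an 'ok' result speaks for the network path and the remote endpoint, not for the TLS library the sync server's own HTTP client uses.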

Thanks, seems to work for me.