Hue load balancer is down after enabling TLS

After enabling Auto-TLS on cloudera cluster, Hue load balancer is not starting. We are getting below errors:

Error Message: Stderr

 perl -pi -e 's#\{\{CLOUDERA_HTTPD_LOG_DIR}}#/mounts/edge/app/log/hue-httpd#' /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/httpd.conf /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/hue.conf /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/supervisor.conf
Can't open /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/supervisor.conf: Permission denied, <> line 279.
+ replace_httpd_conf CLOUDERA_HTTPD_MODULE_DIR
+ VAR=CLOUDERA_HTTPD_MODULE_DIR
+ perl -pi -e 's#\{\{CLOUDERA_HTTPD_MODULE_DIR}}#/usr/lib64/httpd/modules#' /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/httpd.conf /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/hue.conf /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/supervisor.conf
Can't open /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/supervisor.conf: Permission denied, <> line 279.
+ replace_conf_dir
+ echo CONF_DIR=/var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER
+ echo CMF_CONF_DIR=
+ EXCLUDE_CMF_FILES=('cloudera-config.sh' 'hue.sh' 'impala.sh' 'sqoop.sh' 'supervisor.conf' 'config.zip' 'proc.json' '*.log' '*.keytab' '*jceks' 'supervisor_status')
++ printf '! -name %s ' cloudera-config.sh hue.sh impala.sh sqoop.sh supervisor.conf config.zip proc.json '*.log' '*.keytab' '*jceks' supervisor_status
+ find /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER -type f '!' -path '/var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/logs/*' '!' -name cloudera-config.sh '!' -name hue.sh '!' -name impala.sh '!' -name sqoop.sh '!' -name supervisor.conf '!' -name config.zip '!' -name proc.json '!' -name '*.log' '!' -name '*.keytab' '!' -name '*jceks' '!' -name supervisor_status -exec perl -pi -e 's#\{\{CMF_CONF_DIR}}#/var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER#g' '{}' ';'
+ service_specific_actions
+ export HUE_HOME=/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p3739.1842613/lib/hue
+ HUE_HOME=/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p3739.1842613/lib/hue
+ echo HUE_HOME=/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p3739.1842613/lib/hue
+ replace_httpd_conf HUE_HOME
+ VAR=HUE_HOME
+ perl -pi -e 's#\{\{HUE_HOME}}#/opt/cloudera/parcels/CDH-6.3.2-1.cdh6.3.2.p3739.1842613/lib/hue#' /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/httpd.conf /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/hue.conf /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/supervisor.conf
Can't open /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/supervisor.conf: Permission denied, <> line 279.
+ perl -pi -e 's#^SSLPassPhraseDialog(.*)\{\{AGENT_COMMON_DIR}}/sslpassphrase.sh#SSLPassPhraseDialog\1/opt/cloudera/cm-agent/service/common\/sslpassphrase.sh#g' /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/hue.conf
+ check_httpd_conf
+ /usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/httpd.conf -t
Syntax OK
+ '[' 0 '!=' 0 ']'
+ '[' '' = refresh ']'
+ start_httpd
+ ARGS=
+ '[' -n true ']'
+ ARGS=-DCLOUDERA_HTTPD_USE_SSL
+ exec /usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/httpd.conf -DFOREGROUND -DCLOUDERA_HTTPD_USE_SSL
AH00526: Syntax error on line 267 of /var/run/cloudera-scm-agent/process/1295-hue-HUE_LOAD_BALANCER/httpd.conf:
SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers ('XXX:...:XXX' - see manual)

Hue Server log:

Time Log Level Source Log Message
3:09:23.811 AM NA [proxy:error] 
[pid 10369:tid 140609482364672] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com) failed
3:09:23.811 AM NA [proxy:error] 
[pid 10369:tid 140609482364672] AH00959: ap_proxy_connect_backend disabling worker for (usawe-ieedgep16.res.ds.quintiles.com) for 10s
3:09:23.811 AM NA [proxy_http:error] 
[pid 10369:tid 140609482364672] [client 192.168.167.234:54099] AH01114: HTTP: failed to make connection to backend: usawe-ieedgep16.res.ds.quintiles.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:23.811 AM NA [proxy:error] 
[pid 10369:tid 140609482364672] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.90:8888 (usawe-host.com) failed
3:09:23.811 AM NA [proxy:error] 
[pid 10369:tid 140609482364672] AH00959: ap_proxy_connect_backend disabling worker for (usawe-host.com) for 10s
3:09:23.811 AM NA [proxy_http:error] 
[pid 10369:tid 140609482364672] [client 192.168.167.234:54099] AH01114: HTTP: failed to make connection to backend: usawe-host.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:23.814 AM NA [proxy:error] 
[pid 10367:tid 140609482364672] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com) failed
3:09:23.814 AM NA [proxy:error] 
[pid 10367:tid 140609482364672] AH00959: ap_proxy_connect_backend disabling worker for (usawe-ieedgep16.res.ds.quintiles.com) for 10s
3:09:23.814 AM NA [proxy_http:error] 
[pid 10367:tid 140609482364672] [client 192.168.167.234:54100] AH01114: HTTP: failed to make connection to backend: usawe-ieedgep16.res.ds.quintiles.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:23.815 AM NA [proxy:error] 
[pid 10367:tid 140609482364672] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.90:8888 (usawe-host.com) failed
3:09:23.815 AM NA [proxy:error] 
[pid 10367:tid 140609482364672] AH00959: ap_proxy_connect_backend disabling worker for (usawe-host.com) for 10s
3:09:23.815 AM NA [proxy_http:error] 
[pid 10367:tid 140609482364672] [client 192.168.167.234:54100] AH01114: HTTP: failed to make connection to backend: usawe-host.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:25.812 AM NA [proxy:error] 
[pid 10367:tid 140609473971968] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com) failed
3:09:25.812 AM NA [proxy:error] 
[pid 10367:tid 140609473971968] AH00959: ap_proxy_connect_backend disabling worker for (usawe-ieedgep16.res.ds.quintiles.com) for 10s
3:09:25.812 AM NA [proxy_http:error] 
[pid 10367:tid 140609473971968] [client 192.168.167.234:61652] AH01114: HTTP: failed to make connection to backend: usawe-ieedgep16.res.ds.quintiles.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:25.812 AM NA [proxy:error] 
[pid 10367:tid 140609473971968] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.90:8888 (usawe-host.com) failed
3:09:25.812 AM NA [proxy:error] 
[pid 10367:tid 140609473971968] AH00959: ap_proxy_connect_backend disabling worker for (usawe-host.com) for 10s
3:09:25.812 AM NA [proxy_http:error] 
[pid 10367:tid 140609473971968] [client 192.168.167.234:61652] AH01114: HTTP: failed to make connection to backend: usawe-host.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:30.696 AM NA [proxy:error] 
[pid 10369:tid 140609473971968] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com) failed
3:09:30.696 AM NA [proxy:error] 
[pid 10369:tid 140609473971968] AH00959: ap_proxy_connect_backend disabling worker for (usawe-ieedgep16.res.ds.quintiles.com) for 10s
3:09:30.696 AM NA [proxy_http:error] 
[pid 10369:tid 140609473971968] [client 192.168.167.234:49766] AH01114: HTTP: failed to make connection to backend: usawe-ieedgep16.res.ds.quintiles.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:30.696 AM NA [proxy:error] 
[pid 10369:tid 140609473971968] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.90:8888 (usawe-host.com) failed
3:09:30.696 AM NA [proxy:error] 
[pid 10369:tid 140609473971968] AH00959: ap_proxy_connect_backend disabling worker for (usawe-host.com) for 10s
3:09:30.696 AM NA [proxy_http:error] 
[pid 10369:tid 140609473971968] [client 192.168.167.234:49766] AH01114: HTTP: failed to make connection to backend: usawe-host.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:30.696 AM NA [proxy:error] 
[pid 10367:tid 140609465579264] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com) failed
3:09:30.696 AM NA [proxy:error] 
[pid 10367:tid 140609465579264] AH00959: ap_proxy_connect_backend disabling worker for (usawe-ieedgep16.res.ds.quintiles.com) for 10s
3:09:30.696 AM NA [proxy_http:error] 
[pid 10367:tid 140609465579264] [client 192.168.167.234:49767] AH01114: HTTP: failed to make connection to backend: usawe-ieedgep16.res.ds.quintiles.com, referer: http://usawe-host.com:8889/hue/editor/?type=impala
3:09:30.696 AM NA [proxy:error] 
[pid 10367:tid 140609465579264] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.90:8888 (usawe-host.com) failed
3:09:30.696 AM NA [proxy:error] 
[pid 10367:tid 140609465579264] AH00959: ap_proxy_connect_backend disabling worker for (usawe-host.com) for 10s
3:09:30.696 AM NA [proxy_http:error] 
[pid 10367:tid 140609465579264] [client 192.168.167.234:49767] AH01114: HTTP: failed to make connection to backend: usawe-host.com, referer: http://usawe-host.com:8889/hue/editor/?type=impala
3:09:30.734 AM NA [proxy:error] 
[pid 10369:tid 140609465579264] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com) failed
3:09:30.734 AM NA [proxy:error] 
[pid 10369:tid 140609465579264] AH00959: ap_proxy_connect_backend disabling worker for (usawe-ieedgep16.res.ds.quintiles.com) for 10s
3:09:30.734 AM NA [proxy_http:error] 
[pid 10369:tid 140609465579264] [client 192.168.167.234:49768] AH01114: HTTP: failed to make connection to backend: usawe-ieedgep16.res.ds.quintiles.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:09:30.735 AM NA [proxy:error] 
[pid 10369:tid 140609465579264] (111)Connection refused: AH00957: HTTP: attempt to connect to 192.168.167.90:8888 (usawe-host.com) failed
3:09:30.735 AM NA [proxy:error] 
[pid 10369:tid 140609465579264] AH00959: ap_proxy_connect_backend disabling worker for (usawe-host.com) for 10s
3:09:30.735 AM NA [proxy_http:error] 
[pid 10369:tid 140609465579264] [client 192.168.167.234:49768] AH01114: HTTP: failed to make connection to backend: usawe-host.com, referer: http://usawe-host.com:8889/hue/editor?editor=1893&type=hive
3:15:09.117 AM NA [proxy_http:error] 
[pid 10369:tid 140609457186560] (20014)Internal error: [client 192.168.167.234:50427] AH01102: error reading status line from remote server usawe-ieedgep16.res.ds.quintiles.com:8888, referer: http://usawe-host.com:8889/hue/editor/?type=impala
3:15:09.117 AM NA [proxy:error] 
[pid 10369:tid 140609457186560] [client 192.168.167.234:50427] AH00898: Error reading from remote server returned by /hue/editor, referer: http://usawe-host.com:8889/hue/editor/?type=impala
3:15:09.483 AM NA [mpm_event:notice] 
[pid 10195:tid 140609608697984] AH00491: caught SIGTERM, shutting down
3:16:13.230 AM NA [ssl:warn] 
[pid 16023:tid 140278018885760] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
3:16:13.231 AM NA [mpm_event:notice] 
[pid 16023:tid 140278018885760] AH00489: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips configured -- resuming normal operations
3:16:13.231 AM NA [core:notice] 
[pid 16023:tid 140278018885760] AH00094: Command line: '/usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/764-hue-HUE_LOAD_BALANCER/httpd.conf -D FOREGROUND'
10:10:43.306 AM NA [mpm_event:notice] 
[pid 16023:tid 140278018885760] AH00491: caught SIGTERM, shutting down
10:11:47.463 AM NA [ssl:warn] 
[pid 7864:tid 140353752414336] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
10:11:47.464 AM NA [mpm_event:notice] 
[pid 7864:tid 140353752414336] AH00489: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips configured -- resuming normal operations
10:11:47.464 AM NA [core:notice] 
[pid 7864:tid 140353752414336] AH00094: Command line: '/usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/838-hue-HUE_LOAD_BALANCER/httpd.conf -D FOREGROUND'
4:50:27.129 PM NA [mpm_event:notice] 
[pid 7864:tid 140353752414336] AH00491: caught SIGTERM, shutting down
4:51:32.085 PM NA [ssl:warn] 
[pid 1368:tid 139837794330752] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
4:51:32.086 PM NA [mpm_event:notice] 
[pid 1368:tid 139837794330752] AH00489: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips configured -- resuming normal operations
4:51:32.086 PM NA [core:notice] 
[pid 1368:tid 139837794330752] AH00094: Command line: '/usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/884-hue-HUE_LOAD_BALANCER/httpd.conf -D FOREGROUND'
12:02:46.652 AM NA [mpm_event:notice] 
[pid 1368:tid 139837794330752] AH00491: caught SIGTERM, shutting down
12:04:18.907 AM NA [ssl:warn] 
[pid 31262:tid 140382759028864] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
12:04:18.908 AM NA [mpm_event:notice] 
[pid 31262:tid 140382759028864] AH00489: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips configured -- resuming normal operations
12:04:18.908 AM NA [core:notice] 
[pid 31262:tid 140382759028864] AH00094: Command line: '/usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/973-hue-HUE_LOAD_BALANCER/httpd.conf -D FOREGROUND'
8:07:39.563 PM NA [mpm_event:notice] 
[pid 31262:tid 140382759028864] AH00491: caught SIGTERM, shutting down
9:22:52.500 PM NA [ssl:warn] 
[pid 8636:tid 139663826663552] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
9:22:52.501 PM NA [mpm_event:notice] 
[pid 8636:tid 139663826663552] AH00489: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips configured -- resuming normal operations
9:22:52.501 PM NA [core:notice] 
[pid 8636:tid 139663826663552] AH00094: Command line: '/usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/1237-hue-HUE_LOAD_BALANCER/httpd.conf -D FOREGROUND'
9:25:04.668 PM NA [ssl:error] 
[pid 8839:tid 139663700330240] [remote 192.168.167.90:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
9:25:04.668 PM NA [proxy:error] 
[pid 8839:tid 139663700330240] AH00961: HTTPS: failed to enable ssl support for 192.168.167.90:8888 (usawe-host.com)
9:25:05.035 PM NA [ssl:error] 
[pid 8841:tid 139663700330240] [remote 192.168.167.139:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
9:25:05.035 PM NA [proxy:error] 
[pid 8841:tid 139663700330240] AH00961: HTTPS: failed to enable ssl support for 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com)
9:25:33.524 PM NA [ssl:error] 
[pid 8841:tid 139663691937536] [remote 192.168.167.139:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
9:25:33.524 PM NA [proxy:error] 
[pid 8841:tid 139663691937536] AH00961: HTTPS: failed to enable ssl support for 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com)
9:25:33.952 PM NA [ssl:error] 
[pid 8841:tid 139663612311296] [remote 192.168.167.90:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
9:25:33.952 PM NA [proxy:error] 
[pid 8841:tid 139663612311296] AH00961: HTTPS: failed to enable ssl support for 192.168.167.90:8888 (usawe-host.com)
9:30:41.044 PM NA [mpm_event:notice] 
[pid 8636:tid 139663826663552] AH00491: caught SIGTERM, shutting down
9:30:51.083 PM NA [ssl:warn] 
[pid 15092:tid 140033754507392] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
9:30:51.084 PM NA [mpm_event:notice] 
[pid 15092:tid 140033754507392] AH00489: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips configured -- resuming normal operations
9:30:51.084 PM NA [core:notice] 
[pid 15092:tid 140033754507392] AH00094: Command line: '/usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/1245-hue-HUE_LOAD_BALANCER/httpd.conf -D FOREGROUND'
9:32:49.407 PM NA [ssl:error] 
[pid 15290:tid 140033628174080] [remote 192.168.167.90:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
9:32:49.407 PM NA [proxy:error] 
[pid 15290:tid 140033628174080] AH00961: HTTPS: failed to enable ssl support for 192.168.167.90:8888 (usawe-host.com)
9:32:50.125 PM NA [ssl:error] 
[pid 15285:tid 140033628174080] [remote 192.168.167.139:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
9:32:50.125 PM NA [proxy:error] 
[pid 15285:tid 140033628174080] AH00961: HTTPS: failed to enable ssl support for 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com)
2:57:51.708 PM NA [ssl:error] 
[pid 15290:tid 140033619781376] [remote 192.168.167.139:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
2:57:51.709 PM NA [proxy:error] 
[pid 15290:tid 140033619781376] AH00961: HTTPS: failed to enable ssl support for 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com)
2:57:52.063 PM NA [ssl:error] 
[pid 15285:tid 140033619781376] [remote 192.168.167.90:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
2:57:52.063 PM NA [proxy:error] 
[pid 15285:tid 140033619781376] AH00961: HTTPS: failed to enable ssl support for 192.168.167.90:8888 (usawe-host.com)
4:07:07.352 PM NA [ssl:error] 
[pid 15285:tid 140033611388672] [remote 192.168.167.90:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
4:07:07.353 PM NA [proxy:error] 
[pid 15285:tid 140033611388672] AH00961: HTTPS: failed to enable ssl support for 192.168.167.90:8888 (usawe-host.com)
4:07:07.572 PM NA [ssl:error] 
[pid 15290:tid 140033611388672] [remote 192.168.167.139:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
4:07:07.572 PM NA [proxy:error] 
[pid 15290:tid 140033611388672] AH00961: HTTPS: failed to enable ssl support for 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com)
4:39:10.766 PM NA [mpm_event:notice] 
[pid 15092:tid 140033754507392] AH00491: caught SIGTERM, shutting down
4:39:21.105 PM NA [ssl:warn] 
[pid 17785:tid 140606613371008] AH01873: Init: Session Cache is not configured [hint: SSLSessionCache]
4:39:21.106 PM NA [mpm_event:notice] 
[pid 17785:tid 140606613371008] AH00489: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips configured -- resuming normal operations
4:39:21.106 PM NA [core:notice] 
[pid 17785:tid 140606613371008] AH00094: Command line: '/usr/sbin/httpd -f /var/run/cloudera-scm-agent/process/1282-hue-HUE_LOAD_BALANCER/httpd.conf -D FOREGROUND'
4:40:37.652 PM NA [ssl:error] 
[pid 18000:tid 140606487037696] [remote 192.168.167.90:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
4:40:37.652 PM NA [proxy:error] 
[pid 18000:tid 140606487037696] AH00961: HTTPS: failed to enable ssl support for 192.168.167.90:8888 (usawe-host.com)
4:40:37.927 PM NA [ssl:error] 
[pid 18002:tid 140606487037696] [remote 192.168.167.139:8888] AH01961: SSL Proxy requested for usawe-host.com:80 but not enabled [Hint: SSLProxyEngine]
4:40:37.927 PM NA [proxy:error] 
[pid 18002:tid 140606487037696] AH00961: HTTPS: failed to enable ssl support for 192.168.167.139:8888 (usawe-ieedgep16.res.ds.quintiles.com)
4:45:22.154 PM NA [mpm_event:notice] 
[pid 17785:tid 140606613371008] AH00491: caught SIGTERM, shutting down

Solution:

From the httpd.conf , I see that few properties need to set:

<IfDefine CLOUDERA_HTTPD_USE_SSL>
SSLEngine on
SSLProxyEngine on

# From Mozilla Recommended Configuration:
# https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
SSLProtocol 
SSLProxyProtocol 
SSLCipherSuite 
SSLHonorCipherOrder on
</IfDefine>

To resolve this, add the protocol versions and cipher suites through CM:

– In Cloudera Manager, navigate to Hue => Configuration
Scope: => Load Balancer, Category: =>Advanced

– Configure the SSLProtocol and SSLCipherSuite properties with the following values:

SSLProtocol: all -SSLv2 -SSLv3

SSLCipherSuite: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128
-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM
-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE
-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE
-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE
-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA
-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256
-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS

– Save, and restart the Hue Load Balancer role

Note that the value set in SSLCipherSuite is a long colon-delimited set, but should be all one line. Be aware of any extraneous whitespace when you set the value.

I would also like to point out that the “permission denied” error we observed in stderr for supervisor.conf is really a red herring and has no bearing on this issue.

Like this:

Leave a ReplyCancel reply

Share this:

Like this:

Please Share This Share this content

You Might Also Like

Hive: How to copy all data/table from One Database to other Database

Rename Hive Database – Issue-resolution

Blacklisting in Cloudera with Spark

Solve Impala issue after enabling TLS in Cloudera

Apache Kafka Cluster in Cloudera

How to resolve and troubleshoot Hive DB lock issue in production

ResourceManager failed to start

Leave a ReplyCancel reply

Share this content