[Libwebsockets] error when ssl enabled

Andy Green andy at warmcat.com
Mon Dec 5 13:08:54 CET 2016


On Mon, 2016-12-05 at 17:36 +0530, satya gowtham kudupudi wrote:
> libwebsockets-test-server --ssl ran exceptionally well
> libwebsockets-test-server.pem and libwebsockets-test-server.key.pem
> With my custom server are working. I have changed port form 80 to
> 443. Now https://ubuntu.local is loading. But however for resources
> referred with in index.html, like .css,.png,.js etc. browser says 

Test server doesn't have that problem, right?

You have the test server, right?

Debug your own code then...

-Andy

> Failed to load resource: cannot parse response. Below is the log from
> my custom server after using the libwebsockets' pem files.
> 
> [2016/12/05 17:34:06:1347] NOTICE: Built to support server operations
> lwsts[28492]: libwebsockets test server - license LGPL2.1+SLE
> lwsts[28492]: (C) Copyright 2010-2016 Andy Green <andy at warmcat.com>
> lwsts[28492]: Running in server mode
> lwsts[28492]: Initial logging level 7
> lwsts[28492]: Libwebsockets version: 2.1.0 gowtham at ubuntu-v2.0.0-170-
> g7355750
> lwsts[28492]: IPV6 not compiled in
> lwsts[28492]: libev support not compiled in
> lwsts[28492]: libuv support not compiled in
> lwsts[28492]:  Threads: 1 each 1024 fds
> lwsts[28492]:  mem: platform fd map:  8192 bytes
> lwsts[28492]:  Compiled with OpenSSL support
> [2016-12-05 17:34:06 NTC run]: waiting for a connection on 9271 ...
> lwsts[28492]: Creating Vhost 'default' port 443, 2 protocols, IPv6
> off
> lwsts[28492]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-
> AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-
> SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:!SHA
> 1:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!AES128-GCM-SHA25
> lwsts[28492]:  Using SSL mode
> lwsts[28492]:  SSL ECDH curve 'prime256v1'
> lwsts[28492]:  Listening on port 443
> lwsts[28492]:  mem: per-conn:          512 bytes + protocol rx buf
> lwsts[28492]:  canonical_hostname = ubuntu
> lwsts[28492]: lws_protocol_init
> lwsts[28492]: SNI: Unknown ServerName: ubuntu.local
>     GET URI /
>     Host ubuntu.local
>     Connection keep-alive
>     Extensions HTTP/1.1
>     Nonce
> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
>     Accept-Encoding: gzip, deflate
>     Accept-Language: en-us
>     Cache-Control: max-age=0
>     Cookie: session_id=1
>     GET URI /css/app.css
>     Host ubuntu.local
>     Connection keep-alive
>     Extensions HTTP/1.1
>     Nonce text/css,*/*;q=0.1
>     Accept-Encoding: gzip, deflate
>     Accept-Language: en-us
>     Cache-Control: max-age=0
>     Cookie: session_id=1; session_id=1
>     Referer: https://ubuntu.local/
> lwsts[28492]: SNI: Unknown ServerName: ubuntu.local
>     GET URI /js/main.js
>     Host ubuntu.local
>     Connection keep-alive
>     Extensions HTTP/1.1
>     Nonce */*
>     Accept-Encoding: gzip, deflate
>     Accept-Language: en-us
>     Cache-Control: max-age=0
>     Cookie: session_id=1; session_id=1
>     Referer: https://ubuntu.local/
> 
> > On 05-Dec-2016, at 4:11 PM, Andy Green <andy at warmcat.com> wrote:
> > 
> > On Mon, 2016-12-05 at 16:04 +0530, satya gowtham kudupudi wrote:
> > > I could able to help only one guy; and did it till he got through
> > > it.
> > 
> > Did you read my email?
> > 
> > > Here is the complete log. Please help get me through this. I will
> > > definitely spare time for the community.
> > 
> > Yeah, right.
> > 
> > > [2016/12/05 14:35:50:6828] NOTICE: Built to support server
> > > operations
> > > [2016-12-05 14:35:50 NTC run]: waiting for a connection on 9271
> > > ...
> > 
> > Just run the unchanged lws test server and repeat the steps I
> > listed.
> > 
> > What does it do?
> > 
> > -Andy
> > 
> > > lwsts[27892]: libwebsockets test server - license LGPL2.1+SLE
> > > lwsts[27892]: (C) Copyright 2010-2016 Andy Green <andy at warmcat.co
> > > m>
> > > lwsts[27892]: Running in server mode
> > > lwsts[27892]: Initial logging level 65535
> > > lwsts[27892]: Libwebsockets version: 2.1.0 gowtham at ubuntu-v2.0.0-
> > > 170-
> > > g7355750
> > > lwsts[27892]: IPV6 not compiled in
> > > lwsts[27892]: libev support not compiled in
> > > lwsts[27892]: libuv support not compiled in
> > > lwsts[27892]:  LWS_DEF_HEADER_LEN    : 4096
> > > lwsts[27892]:  LWS_MAX_PROTOCOLS     : 5
> > > lwsts[27892]:  LWS_MAX_SMP           : 32
> > > lwsts[27892]:  SPEC_LATEST_SUPPORTED : 13
> > > lwsts[27892]:  sizeof (*info)        : 320
> > > lwsts[27892]:  SYSTEM_RANDOM_FILEPATH: '/dev/urandom'
> > > lwsts[27892]:  default timeout (secs): 5
> > > lwsts[27892]:  Threads: 1 each 1024 fds
> > > lwsts[27892]:  mem: context:          9272 bytes (5176 ctx + (1
> > > thr x
> > > 4096))
> > > lwsts[27892]:  mem: http hdr rsvd:   122880 bytes (1 thr x (4096
> > > +
> > > 3584) x 16))
> > > lwsts[27892]:  mem: pollfd map:       8192
> > > lwsts[27892]:  mem: platform fd map:  8192 bytes
> > > lwsts[27892]:  Compiled with OpenSSL support
> > > lwsts[27892]: Creating Vhost 'default' port 80, 2 protocols, IPv6
> > > off
> > > lwsts[27892]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-
> > > RSA-
> > > AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-
> > > SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!HMAC_SHA1:
> > > !SHA
> > > 1:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!AES128-GCM-
> > > SHA25
> > > lwsts[27892]:  Using SSL mode
> > > lwsts[27892]:  SSL ECDH curve 'prime256v1'
> > > lwsts[27892]:  SSL options 0x35A0004
> > > lwsts[27892]: insert_wsi_socket_into_fds: 0x7f9ffc0451b0: tsi=0,
> > > sock=9, pos-in-fds=1
> > > lwsts[27892]:  Listening on port 80
> > > lwsts[27892]:  LWS_MAX_EXTENSIONS_ACTIVE: 2
> > > lwsts[27892]:  mem: per-conn:          512 bytes + protocol rx
> > > buf
> > > lwsts[27892]:  canonical_hostname = ubuntu
> > > lwsts[27892]: lws_protocol_init
> > > lwsts[27892]: fd=9, revents=1
> > > lwsts[27892]: accepted new conn  port 59792 on fd=10
> > > lwsts[27892]: Accepted 0x7f9ffc047030 to tsi 0
> > > lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
> > > lwsts[27892]: insert_wsi_socket_into_fds: 0x7f9ffc047030: tsi=0,
> > > sock=10, pos-in-fds=2
> > > lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
> > > lwsts[27892]: inserted SSL accept into fds, trying SSL_accept
> > > lwsts[27892]: SSL_accept failed 2 /
> > > error:00000002:lib(0):func(0):system lib
> > > lwsts[27892]: SSL_ERROR_WANT_READ
> > > lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah
> > > (nil)
> > > (tsi 0, count = 0) in
> > > lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah
> > > 0x7f9ffc012d20: count 1 (on exit)
> > > lwsts[27892]: Attached ah immediately
> > > lwsts[27892]: fd=10, revents=1
> > > lwsts[27892]: SNI: Unknown ServerName: ubuntu.local
> > > lwsts[27892]: SSL_accept failed 2 /
> > > error:00000002:lib(0):func(0):system lib
> > > lwsts[27892]: SSL_ERROR_WANT_READ
> > > lwsts[27892]: fd=10, revents=1
> > > lwsts[27892]: SSL_accept failed 1 /
> > > error:00000001:lib(0):func(0):reason(1)
> > > lwsts[27892]: SSL_accept failed skt 10:
> > > error:00000001:lib(0):func(0):reason(1)
> > > lwsts[27892]: *** error:14094418:SSL
> > > routines:ssl3_read_bytes:tlsv1
> > > alert unknown ca
> > > lwsts[27892]: lws_close_free_wsi: shutting down connection:
> > > 0x7f9ffc047030 (sock 10, state 0)
> > > lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
> > > lwsts[27892]: fd=10, revents=17
> > > lwsts[27892]: SSL_accept failed 6 /
> > > error:00000006:lib(0):func(0):EVP
> > > lib
> > > lwsts[27892]: SSL_accept failed skt 10:
> > > error:00000006:lib(0):func(0):EVP lib
> > > lwsts[27892]: lws_close_free_wsi: real just_kill_connection:
> > > 0x7f9ffc047030 (sockfd 10)
> > > lwsts[27892]: remove_wsi_socket_from_fds: removing same prot wsi
> > > 0x7f9ffc047030
> > > lwsts[27892]: remove_wsi_socket_from_fds: wsi=0x7f9ffc047030,
> > > sock=10, fds pos=2, end guy pos=3, endfd=0
> > > lwsts[27892]: not calling back closed mode=6 state=0
> > > lwsts[27892]: ah det due to close
> > > lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
> > > 0x7f9ffc012d20 (tsi=0, count = 1)
> > > lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
> > > 0x7f9ffc012d20 (tsi=0, count = 0)
> > > lwsts[27892]: lws_free_wsi: 0x7f9ffc047030, remaining wsi 1
> > > 
> > > > On 05-Dec-2016, at 3:43 PM, Andy Green <andy at warmcat.com>
> > > > wrote:
> > > > 
> > > > On Mon, 2016-12-05 at 14:39 +0530, satya gowtham kudupudi
> > > > wrote:
> > > > 
> > > > > When I try to visit https://ubuntu.local:80 server prints
> > > > 
> > > > Ah who knows... you snipped the log that says how it's set up.
> > > > 
> > > > It's pointless anyway, nobody has your changed sources except
> > > > you.
> > > >  And
> > > > it's true for each person with changed sources only they have:
> > > > *nobody
> > > > else cares about whether they work or are broken except you*.
> > > >  Just
> > > > like you didn't care about the last guy using lws with some
> > > > problem
> > > > he
> > > > had caused himself.  (I know.. when it's your problem it's
> > > > different. 
> > > > But it isn't.)
> > > > 
> > > > If lws is broken or should do something better... it's up to
> > > > you to
> > > > show that's the case, usually using the test server or client
> > > > as a
> > > > reference we both have.  If it's not the case then your problem
> > > > exists
> > > > inbetween my working example apps you started with and the
> > > > modifications that you did to them.  That's *your* problem
> > > > (unless
> > > > you
> > > > can show it is my problem, in lws, in which case I will fix
> > > > it).
> > > > 
> > > > Just use the plain test server that's provided with lws.  I
> > > > just
> > > > did it
> > > > here, you should get the same result.
> > > > 
> > > > 1) $ libwebsockets-test-server --ssl
> > > > 
> > > > 2) In a browser
> > > > 
> > > > https://localhost:7681
> > > > 
> > > > 3) Browser says "Not secure, self signed Cert".  Lws creates
> > > > some
> > > > unique selfsigned certs for testing purposes when you run
> > > > cmake.
> > > > 
> > > > 4) You click advanced or override and / or add security
> > > > exception
> > > > whatever, to say the selfsigned cert is OK
> > > > 
> > > > 5) Test server content appears in browser
> > > > 
> > > > Put your code on one side and try to repeat that using the test
> > > > server
> > > > + certs.
> > > > 
> > > > Here is the logging from when I ran it for reference:
> > > > 
> > > > ```
> > > > $ libwebsockets-test-server --ssl
> > > > lwsts[8423]: libwebsockets test server - license LGPL2.1+SLE
> > > > lwsts[8423]: (C) Copyright 2010-2016 Andy Green <andy at warmcat.c
> > > > om>
> > > > Using resource path "/usr/share/libwebsockets-test-server"
> > > > lwsts[8423]: Initial logging level 7
> > > > lwsts[8423]: Libwebsockets version: 2.1.0 agreen at build-v2.0.0-1
> > > > 96-g
> > > > fdab
> > > > d95
> > > > lwsts[8423]: IPV6 not compiled in
> > > > lwsts[8423]: libev support not compiled in
> > > > lwsts[8423]: libuv support compiled in but disabled
> > > > lwsts[8423]:  Threads: 1 each 1024 fds
> > > > lwsts[8423]:  mem: platform fd map:  8192 bytes
> > > > lwsts[8423]:  Compiled with OpenSSL support
> > > > lwsts[8423]: Creating Vhost 'default' port 7681, 5 protocols,
> > > > IPv6
> > > > off
> > > > lwsts[8423]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-
> > > > SHA384:ECDHE-
> > > > RSA-
> > > > AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-
> > > > SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!HMAC_SHA
> > > > 1:!S
> > > > HA1:
> > > > !DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA256:!AES128-GCM-
> > > > SHA25
> > > > lwsts[8423]:  Using SSL mode
> > > > lwsts[8423]:  SSL ECDH curve 'prime256v1'
> > > > lwsts[8423]:  Listening on port 7681
> > > > lwsts[8423]:  mem: per-conn:          720 bytes + protocol rx
> > > > buf
> > > > lwsts[8423]:  canonical_hostname = build
> > > > lwsts[8423]: lws_protocol_init
> > > > lwsts[8423]: Accepted wsi 0xed9a70 to context 0xe896f0, tsi 0
> > > > lwsts[8423]: SNI: Unknown ServerName: localhost
> > > > lwsts[8423]: lws_server_socket_service: wsi 0xed9a70 read -1
> > > > lwsts[8423]: Accepted wsi 0xeed610 to context 0xe896f0, tsi 0
> > > > lwsts[8423]: SNI: Unknown ServerName: localhost
> > > > lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:36 +0800] "GET /
> > > > http/1.1" 200 20886 Mozilla/5.0 (X11; Fedora; Linux x86_64;
> > > > rv:50.0)
> > > > Gecko/20100101 Firefox/50.0
> > > > lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:36 +0800] "GET
> > > > /lws-
> > > > common.js http/1.1" 200 3336 Mozilla/5.0 (X11; Fedora; Linux
> > > > x86_64;
> > > > rv:50.0) Gecko/20100101 Firefox/50.0
> > > > lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:36 +0800] "GET
> > > > /libwebsockets.org-logo.png http/1.1" 200 7232 Mozilla/5.0
> > > > (X11;
> > > > Fedora; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
> > > > lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:37 +0800] "GET
> > > > /favicon.ico http/1.1" 200 1612 Mozilla/5.0 (X11; Fedora; Linux
> > > > x86_64;
> > > > rv:50.0) Gecko/20100101 Firefox/50.0
> > > > lwsts[8423]: Accepted wsi 0xeda330 to context 0xe896f0, tsi 0
> > > > lwsts[8423]: SNI: Unknown ServerName: localhost
> > > >     get  = /xxx
> > > >     host: = localhost:7681
> > > >     connection: = keep-alive, Upgrade
> > > >     upgrade: = websocket
> > > >     origin: = https://localhost:7681
> > > >     sec-websocket-extensions: = permessage-deflate
> > > >     sec-websocket-protocol: = dumb-increment-protocol
> > > >     http/1.1  = HTTP/1.1
> > > >     accept: =
> > > > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> > > >     accept-encoding: = gzip, deflate, br
> > > >     accept-language: = en-US,en;q=0.5
> > > >     pragma: = no-cache
> > > >     cache-control: = no-cache
> > > >     cookie: = test=LWS_1480932216_877788_COOKIE
> > > >     sec-websocket-key: = 5DUsn/Y+0qH7uJTlU0EEIQ==
> > > >     sec-websocket-version: = 13
> > > >     user-agent: = Mozilla/5.0 (X11; Fedora; Linux x86_64;
> > > > rv:50.0)
> > > > Gecko/20100101 Firefox/50.0
> > > > lwsts[8423]:  permessage-deflate requires the protocol (dumb-
> > > > increment-
> > > > protocol) to have an RX buffer >= 128
> > > > lwsts[8423]: ext permessage-deflate failed construction
> > > > lwsts[8423]: 0xeda330 new partial sent 30 from 178 total
> > > > lwsts[8423]: 127.0.0.1 - - [05/Dec/2016:18:03:37 +0800] "GET
> > > > /favicon.ico http/1.1" 200 1612 Mozilla/5.0 (X11; Fedora; Linux
> > > > x86_64;
> > > > rv:50.0) Gecko/20100101 Firefox/50.0
> > > > lwsts[8423]: Accepted wsi 0xef73d0 to context 0xe896f0, tsi 0
> > > > lwsts[8423]: SNI: Unknown ServerName: localhost
> > > > lwsts[8423]:  Capping pmd rx to 128
> > > > lwsts[8423]: 0xef73d0 new partial sent 148 from 211 total
> > > > lwsts[8423]: cache_len 243
> > > > lwsts[8423]: 0xef73d0 new partial sent 148 from 207 total
> > > > lwsts[8423]: Accepted wsi 0xee1390 to context 0xe896f0, tsi 0
> > > > lwsts[8423]: SNI: Unknown ServerName: localhost
> > > >     get  = /xxx
> > > >     host: = localhost:7681
> > > >     connection: = keep-alive, Upgrade
> > > >     upgrade: = websocket
> > > >     origin: = https://localhost:7681
> > > >     sec-websocket-extensions: = permessage-deflate
> > > >     sec-websocket-protocol: = lws-mirror-protocol
> > > >     http/1.1  = HTTP/1.1
> > > >     accept: =
> > > > text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> > > >     accept-encoding: = gzip, deflate, br
> > > >     accept-language: = en-US,en;q=0.5
> > > >     pragma: = no-cache
> > > >     cache-control: = no-cache
> > > >     cookie: = test=LWS_1480932216_877788_COOKIE
> > > >     sec-websocket-key: = u1dBJJLVlfeCMijDZ2pvIQ==
> > > >     sec-websocket-version: = 13
> > > >     user-agent: = Mozilla/5.0 (X11; Fedora; Linux x86_64;
> > > > rv:50.0)
> > > > Gecko/20100101 Firefox/50.0
> > > > lwsts[8423]:  Capping pmd rx to 128
> > > > lwsts[8423]: 0xee1390 new partial sent 148 from 220 total
> > > > ```
> > > > 
> > > > -Andy
> > > > 
> > > > 
> > > > > lwsts[27892]: fd=9, revents=1
> > > > > lwsts[27892]: accepted new conn  port 59792 on fd=10
> > > > > lwsts[27892]: Accepted 0x7f9ffc047030 to tsi 0
> > > > > lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
> > > > > lwsts[27892]: insert_wsi_socket_into_fds: 0x7f9ffc047030:
> > > > > tsi=0,
> > > > > sock=10, pos-in-fds=2
> > > > > lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
> > > > > lwsts[27892]: inserted SSL accept into fds, trying SSL_accept
> > > > > lwsts[27892]: SSL_accept failed 2 /
> > > > > error:00000002:lib(0):func(0):system lib
> > > > > lwsts[27892]: SSL_ERROR_WANT_READ
> > > > > lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah
> > > > > (nil)
> > > > > (tsi 0, count = 0) in
> > > > > lwsts[27892]: lws_header_table_attach: wsi 0x7f9ffc047030: ah
> > > > > 0x7f9ffc012d20: count 1 (on exit)
> > > > > lwsts[27892]: Attached ah immediately
> > > > > lwsts[27892]: fd=10, revents=1
> > > > > lwsts[27892]: SNI: Unknown ServerName: ubuntu.local
> > > > > lwsts[27892]: SSL_accept failed 2 /
> > > > > error:00000002:lib(0):func(0):system lib
> > > > > lwsts[27892]: SSL_ERROR_WANT_READ
> > > > > lwsts[27892]: fd=10, revents=1
> > > > > lwsts[27892]: SSL_accept failed 1 /
> > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > lwsts[27892]: SSL_accept failed skt 10:
> > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > lwsts[27892]: *** error:14094418:SSL
> > > > > routines:ssl3_read_bytes:tlsv1
> > > > > alert unknown ca
> > > > > lwsts[27892]: lws_close_free_wsi: shutting down connection:
> > > > > 0x7f9ffc047030 (sock 10, state 0)
> > > > > lwsts[27892]: lws_set_timeout: 0x7f9ffc047030: 5 secs
> > > > > lwsts[27892]: fd=10, revents=17
> > > > > lwsts[27892]: SSL_accept failed 6 /
> > > > > error:00000006:lib(0):func(0):EVP
> > > > > lib
> > > > > lwsts[27892]: SSL_accept failed skt 10:
> > > > > error:00000006:lib(0):func(0):EVP lib
> > > > > lwsts[27892]: lws_close_free_wsi: real just_kill_connection:
> > > > > 0x7f9ffc047030 (sockfd 10)
> > > > > lwsts[27892]: remove_wsi_socket_from_fds: removing same prot
> > > > > wsi
> > > > > 0x7f9ffc047030
> > > > > lwsts[27892]: remove_wsi_socket_from_fds: wsi=0x7f9ffc047030,
> > > > > sock=10, fds pos=2, end guy pos=3, endfd=0
> > > > > lwsts[27892]: not calling back closed mode=6 state=0
> > > > > lwsts[27892]: ah det due to close
> > > > > lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
> > > > > 0x7f9ffc012d20 (tsi=0, count = 1)
> > > > > lwsts[27892]: lws_header_table_detach: wsi 0x7f9ffc047030: ah
> > > > > 0x7f9ffc012d20 (tsi=0, count = 0)
> > > > > lwsts[27892]: lws_free_wsi: 0x7f9ffc047030, remaining wsi 1
> > > > > 
> > > > > --
> > > > > Gowtham
> > > > > > On 05-Dec-2016, at 2:20 PM, Andy Green <andy at warmcat.com>
> > > > > > wrote:
> > > > > > 
> > > > > > On Mon, 2016-12-05 at 13:57 +0530, satya gowtham kudupudi
> > > > > > wrote:
> > > > > > > when I try to visit with SSL HTTPS protocol, nothing
> > > > > > > happens.
> > > > > > > Page
> > > > > > > doesn't load at browser and server prints nothing on the
> > > > > > > screen.
> > > > > > 
> > > > > > Mmm
> > > > > > 
> > > > > > > lwsts[27731]:  Listening on port 80
> > > > > > 
> > > > > > Are you telling it to listen on 443?  If you are still
> > > > > > listening on
> > > > > > port 80, just with SSL, you must visit https://ubuntu.local
> > > > > > :80
> > > > > > 
> > > > > > > When I try to visit with non-SSL HTTP protocol, I expect
> > > > > > > to
> > > > > > > redirect
> > > > > > to HTTPS.
> > > > > > 
> > > > > > Yeah.
> > > > > > 
> > > > > > Well you need to set that up if that's what you want.  You
> > > > > > tell
> > > > > > lws
> > > > > > to
> > > > > > listen on one port or another and it does that.  That's it.
> > > > > >  Apache
> > > > > > is
> > > > > > the same.
> > > > > > 
> > > > > > You need to add a second vhost listening on 80 to do that,
> > > > > > and
> > > > > > mount a
> > > > > > redirect to https://whatever there.  Your main SSL vhost
> > > > > > should
> > > > > > be
> > > > > > listening on 443.
> > > > > > 
> > > > > > -Andy
> > > > > > 
> > > > > > 
> > > > > > > On Mon, Dec 5, 2016 at 12:17 PM, Andy Green <andy at warmcat
> > > > > > > .com
> > > > > > > wrote:
> > > > > > > > On Mon, 2016-12-05 at 12:05 +0530, satya gowtham
> > > > > > > > kudupudi
> > > > > > > > wrote:
> > > > > > > > > Hi,
> > > > > > > > > 
> > > > > > > > > I have enabled ssl using -ssl option on my server
> > > > > > > > > that
> > > > > > > > > inherits
> > > > > > > > test-
> > > > > > > > > server. server is running at ubuntu.local. https://ub
> > > > > > > > > untu
> > > > > > > > > .loc
> > > > > > > > > al
> > > > > > > > don't
> > > > > > > > > generate any kind of log at the server but http://ubu
> > > > > > > > > ntu.
> > > > > > > > > loca
> > > > > > > > > l
> > > > > > > > has
> > > > > > > > > generates below log
> > > > > > > > 
> > > > > > > > Ehhh if I understand it, you have started an SSL server
> > > > > > > > and
> > > > > > > > then
> > > > > > > > visit
> > > > > > > > it using non-SSL http protocol?
> > > > > > > > 
> > > > > > > > What exactly were you expecting to happen?
> > > > > > > > 
> > > > > > > > -Andy
> > > > > > > > 
> > > > > > > > 
> > > > > > > > > lwsts[27731]: libwebsockets test server - license
> > > > > > > > > LGPL2.1+SLE
> > > > > > > > > lwsts[27731]: (C) Copyright 2010-2016 Andy Green <and
> > > > > > > > > y at wa
> > > > > > > > > rmca
> > > > > > > > > t.co
> > > > > > > > m>
> > > > > > > > > lwsts[27731]: Running in server mode
> > > > > > > > > lwsts[27731]: Initial logging level 65535
> > > > > > > > > lwsts[27731]: Libwebsockets version: 2.1.0 gowtham at ub
> > > > > > > > > untu
> > > > > > > > > -v2.
> > > > > > > > > 0.0-
> > > > > > > > 170-
> > > > > > > > > g7355750
> > > > > > > > > lwsts[27731]: IPV6 not compiled in
> > > > > > > > > lwsts[27731]: libev support not compiled in
> > > > > > > > > lwsts[27731]: libuv support not compiled in
> > > > > > > > > lwsts[27731]:  LWS_DEF_HEADER_LEN    : 4096
> > > > > > > > > lwsts[27731]:  LWS_MAX_PROTOCOLS     : 5
> > > > > > > > > lwsts[27731]:  LWS_MAX_SMP           : 32
> > > > > > > > > lwsts[27731]:  SPEC_LATEST_SUPPORTED : 13
> > > > > > > > > lwsts[27731]:  sizeof (*info)        : 320
> > > > > > > > > lwsts[27731]:  SYSTEM_RANDOM_FILEPATH: '/dev/urandom'
> > > > > > > > > lwsts[27731]:  default timeout (secs): 5
> > > > > > > > > lwsts[27731]:  Threads: 1 each 1024 fds
> > > > > > > > > lwsts[27731]:  mem: context:          9272 bytes
> > > > > > > > > (5176
> > > > > > > > > ctx +
> > > > > > > > > (1
> > > > > > > > thr x
> > > > > > > > > 4096))
> > > > > > > > > lwsts[27731]:  mem: http hdr rsvd:   122880 bytes (1
> > > > > > > > > thr
> > > > > > > > > x
> > > > > > > > > (4096
> > > > > > > > +
> > > > > > > > > 3584) x 16))
> > > > > > > > > lwsts[27731]:  mem: pollfd map:       8192
> > > > > > > > > lwsts[27731]:  mem: platform fd map:  8192 bytes
> > > > > > > > > lwsts[27731]:  Compiled with OpenSSL support
> > > > > > > > > lwsts[27731]: Creating Vhost 'default' port 80, 2
> > > > > > > > > protocols,
> > > > > > > > > IPv6
> > > > > > > > off
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > > lwsts[27731]:  SSL ciphers: 'ECDHE-ECDSA-AES256-GCM-
> > > > > > > > > SHA384:ECDHE-
> > > > > > > > RSA-
> > > > > > > > > AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-
> > > > > > > > > RSA-
> > > > > > > > > AES256-
> > > > > > > > > 
> > > > > > > > SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!
> > > > > > > > HMAC
> > > > > > > > _SHA
> > > > > > > > 1:!S
> > > > > > > > HA
> > > > > > > > > 1:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-
> > > > > > > > > SHA256:!AES128-
> > > > > > > > > GCM-
> > > > > > > > SHA25
> > > > > > > > > lwsts[27731]:  Using SSL mode
> > > > > > > > > lwsts[27731]:  SSL ECDH curve 'prime256v1'
> > > > > > > > > lwsts[27731]:  SSL options 0x35A0004
> > > > > > > > > lwsts[27731]: insert_wsi_socket_into_fds:
> > > > > > > > > 0x7f33500451b0:
> > > > > > > > > tsi=0,
> > > > > > > > > sock=9, pos-in-fds=1
> > > > > > > > > lwsts[27731]:  Listening on port 80
> > > > > > > > > lwsts[27731]:  LWS_MAX_EXTENSIONS_ACTIVE: 2
> > > > > > > > > lwsts[27731]:  mem: per-conn:          512 bytes +
> > > > > > > > > protocol
> > > > > > > > > rx
> > > > > > > > buf
> > > > > > > > > lwsts[27731]:  canonical_hostname = ubuntu
> > > > > > > > > lwsts[27731]: lws_protocol_init
> > > > > > > > > lwsts[27731]: fd=9, revents=1
> > > > > > > > > lwsts[27731]: accepted new conn  port 55677 on fd=10
> > > > > > > > > lwsts[27731]: Accepted 0x7f3350047030 to tsi 0
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: insert_wsi_socket_into_fds:
> > > > > > > > > 0x7f3350047030:
> > > > > > > > > tsi=0,
> > > > > > > > > sock=10, pos-in-fds=2
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: inserted SSL accept into fds, trying
> > > > > > > > > SSL_accept
> > > > > > > > > lwsts[27731]: SSL_accept failed 1 /
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: SSL_accept failed skt 10:
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: *** error:1407609C:SSL
> > > > > > > > > 
> > > > > > > > routines:SSL23_GET_CLIENT_HELLO:httproutines:SSL23_GET_
> > > > > > > > CLIE
> > > > > > > > NT_H
> > > > > > > > ELLO
> > > > > > > > :h
> > > > > > > > > ttp request
> > > > > > > > > lwsts[27731]: lws_adopt_socket_vhost: fail ssl
> > > > > > > > > negotiation
> > > > > > > > > lwsts[27731]: lws_close_free_wsi: shutting down
> > > > > > > > > connection:
> > > > > > > > > 0x7f3350047030 (sock 10, state 0)
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: fd=10, revents=17
> > > > > > > > > lwsts[27731]: SSL_accept failed 1 /
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: SSL_accept failed skt 10:
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: *** error:1407609C:SSL
> > > > > > > > > routines:SSL23_GET_CLIENT_HELLO:http request
> > > > > > > > > lwsts[27731]: lws_close_free_wsi: real
> > > > > > > > > just_kill_connection:
> > > > > > > > > 0x7f3350047030 (sockfd 10)
> > > > > > > > > lwsts[27731]: remove_wsi_socket_from_fds: removing
> > > > > > > > > same
> > > > > > > > > prot
> > > > > > > > > wsi
> > > > > > > > > 0x7f3350047030
> > > > > > > > > lwsts[27731]: remove_wsi_socket_from_fds:
> > > > > > > > > wsi=0x7f3350047030,
> > > > > > > > > sock=10, fds pos=2, end guy pos=3, endfd=0
> > > > > > > > > lwsts[27731]: not calling back closed mode=6 state=0
> > > > > > > > > lwsts[27731]: ah det due to close
> > > > > > > > > lwsts[27731]: lws_header_table_detach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > (nil)
> > > > > > > > > (tsi=0, count = 0)
> > > > > > > > > lwsts[27731]: lws_header_table_detach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > (nil)
> > > > > > > > > (tsi=0, count = 0)
> > > > > > > > > lwsts[27731]: lws_free_wsi: 0x7f3350047030, remaining
> > > > > > > > > wsi
> > > > > > > > > 1
> > > > > > > > > lwsts[27731]: fd=9, revents=1
> > > > > > > > > lwsts[27731]: accepted new conn  port 55680 on fd=10
> > > > > > > > > lwsts[27731]: Accepted 0x7f3350047030 to tsi 0
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: insert_wsi_socket_into_fds:
> > > > > > > > > 0x7f3350047030:
> > > > > > > > > tsi=0,
> > > > > > > > > sock=10, pos-in-fds=2
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: inserted SSL accept into fds, trying
> > > > > > > > > SSL_accept
> > > > > > > > > lwsts[27731]: SSL_accept failed 1 /
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: SSL_accept failed skt 10:
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: *** error:1407609C:SSL
> > > > > > > > > routines:SSL23_GET_CLIENT_HELLO:http request
> > > > > > > > > lwsts[27731]: lws_adopt_socket_vhost: fail ssl
> > > > > > > > > negotiation
> > > > > > > > > lwsts[27731]: lws_close_free_wsi: shutting down
> > > > > > > > > connection:
> > > > > > > > > 0x7f3350047030 (sock 10, state 0)
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: fd=10, revents=17
> > > > > > > > > lwsts[27731]: SSL_accept failed 1 /
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: SSL_accept failed skt 10:
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: *** error:1407609C:SSL
> > > > > > > > > routines:SSL23_GET_CLIENT_HELLO:http request
> > > > > > > > > lwsts[27731]: lws_close_free_wsi: real
> > > > > > > > > just_kill_connection:
> > > > > > > > > 0x7f3350047030 (sockfd 10)
> > > > > > > > > lwsts[27731]: remove_wsi_socket_from_fds: removing
> > > > > > > > > same
> > > > > > > > > prot
> > > > > > > > > wsi
> > > > > > > > > 0x7f3350047030
> > > > > > > > > lwsts[27731]: remove_wsi_socket_from_fds:
> > > > > > > > > wsi=0x7f3350047030,
> > > > > > > > > sock=10, fds pos=2, end guy pos=3, endfd=0
> > > > > > > > > lwsts[27731]: not calling back closed mode=6 state=0
> > > > > > > > > lwsts[27731]: ah det due to close
> > > > > > > > > lwsts[27731]: lws_header_table_detach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > (nil)
> > > > > > > > > (tsi=0, count = 0)
> > > > > > > > > lwsts[27731]: lws_header_table_detach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > (nil)
> > > > > > > > > (tsi=0, count = 0)
> > > > > > > > > lwsts[27731]: lws_free_wsi: 0x7f3350047030, remaining
> > > > > > > > > wsi
> > > > > > > > > 1
> > > > > > > > > lwsts[27731]: fd=9, revents=1
> > > > > > > > > lwsts[27731]: accepted new conn  port 55683 on fd=10
> > > > > > > > > lwsts[27731]: Accepted 0x7f3350047030 to tsi 0
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: insert_wsi_socket_into_fds:
> > > > > > > > > 0x7f3350047030:
> > > > > > > > > tsi=0,
> > > > > > > > > sock=10, pos-in-fds=2
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: inserted SSL accept into fds, trying
> > > > > > > > > SSL_accept
> > > > > > > > > lwsts[27731]: SSL_accept failed 2 /
> > > > > > > > > error:00000002:lib(0):func(0):system lib
> > > > > > > > > lwsts[27731]: SSL_ERROR_WANT_READ
> > > > > > > > > lwsts[27731]: lws_header_table_attach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > (nil)
> > > > > > > > > (tsi 0, count = 0) in
> > > > > > > > > lwsts[27731]: lws_header_table_attach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > > 0x7f3350012d20: count 1 (on exit)
> > > > > > > > > lwsts[27731]: Attached ah immediately
> > > > > > > > > lwsts[27731]: fd=10, revents=1
> > > > > > > > > lwsts[27731]: SSL_accept failed 1 /
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: SSL_accept failed skt 10:
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: *** error:1407609C:SSL
> > > > > > > > > routines:SSL23_GET_CLIENT_HELLO:http request
> > > > > > > > > lwsts[27731]: lws_close_free_wsi: shutting down
> > > > > > > > > connection:
> > > > > > > > > 0x7f3350047030 (sock 10, state 0)
> > > > > > > > > lwsts[27731]: lws_set_timeout: 0x7f3350047030: 5 secs
> > > > > > > > > lwsts[27731]: fd=10, revents=1
> > > > > > > > > lwsts[27731]: SSL_accept failed 1 /
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: SSL_accept failed skt 10:
> > > > > > > > > error:00000001:lib(0):func(0):reason(1)
> > > > > > > > > lwsts[27731]: *** error:1407609C:SSL
> > > > > > > > > routines:SSL23_GET_CLIENT_HELLO:http request
> > > > > > > > > lwsts[27731]: lws_close_free_wsi: real
> > > > > > > > > just_kill_connection:
> > > > > > > > > 0x7f3350047030 (sockfd 10)
> > > > > > > > > lwsts[27731]: remove_wsi_socket_from_fds: removing
> > > > > > > > > same
> > > > > > > > > prot
> > > > > > > > > wsi
> > > > > > > > > 0x7f3350047030
> > > > > > > > > lwsts[27731]: remove_wsi_socket_from_fds:
> > > > > > > > > wsi=0x7f3350047030,
> > > > > > > > > sock=10, fds pos=2, end guy pos=3, endfd=0
> > > > > > > > > lwsts[27731]: not calling back closed mode=6 state=0
> > > > > > > > > lwsts[27731]: ah det due to close
> > > > > > > > > lwsts[27731]: lws_header_table_detach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > > 0x7f3350012d20 (tsi=0, count = 1)
> > > > > > > > > lwsts[27731]: lws_header_table_detach: wsi
> > > > > > > > > 0x7f3350047030: ah
> > > > > > > > > 0x7f3350012d20 (tsi=0, count = 0)
> > > > > > > > > lwsts[27731]: lws_free_wsi: 0x7f3350047030, remaining
> > > > > > > > > wsi
> > > > > > > > > 1
> > > > > > > > > 
> > > > > > > > > I have no clue whats going on. Any hint is very much
> > > > > > > > > helpful.
> > > > > > > > > 
> > > > > > > > > Thank you.
> > > > > > > > > 
> > > > > > > > > --
> > > > > > > > > Gowtham
> > > > > > > > > _______________________________________________
> > > > > > > > > Libwebsockets mailing list
> > > > > > > > > Libwebsockets at ml.libwebsockets.org
> > > > > > > > > http://libwebsockets.org/mailman/listinfo/libwebsocke
> > > > > > > > > ts
> 
> 



More information about the Libwebsockets mailing list