Thanks Matija for the reply.
I tried opening my browser first to http://0.ape.my-domain.com:6969 and I immediately get the response from APE with the no command given message. Then I tried https://0.ape.your-domain.com:442, I get the same results but it takes extremely long to get a response. It's probably around 1 min until I get the same result. Based on the logs I see messages like ape connected remote server from 127.0.0.1:60001, and since I get a response I eventually get a response I take it stunnel and APE is communicating? But I also noticed the following in the logs: 2012.04.11 12:30:36 LOG7[2409:140692054951680]: Remote FD=15 initialized 2012.04.11 12:30:36 LOG7[2409:140692054951680]: TCP_NODELAY option set on remote socket 2012.04.11 12:30:36 LOG7[2409:140692054951680]: Socket closed on read 2012.04.11 12:30:36 LOG7[2409:140692054951680]: SSL write shutdown 2012.04.11 12:30:36 LOG7[2409:140692054951680]: SSL alert (write): warning: close notify 2012.04.11 12:30:36 LOG6[2409:140692054951680]: SSL_shutdown successfully sent close_notify 2012.04.11 12:30:38 LOG3[2409:140692054882048]: SSL_accept: Peer suddenly disconnected 2012.04.11 12:30:38 LOG5[2409:140692054882048]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2012.04.11 12:30:38 LOG7[2409:140692054882048]: ape finished (1 left) 2012.04.11 12:31:36 LOG6[2409:140692054951680]: s_poll_wait timeout: connectionclose 2012.04.11 12:31:36 LOG5[2409:140692054951680]: Connection closed: 395 bytes sent to SSL, 387 bytes sent to socket It says that Peer is suddenly disconnected. Is that normal? The web server I have to use is IIS. It currently has the my- domain.com cert. In stunnel I placed 3 certs, my-domain.com, *.my- domain.com, *.ape.my-domian.com. The wild card certs I made using OpenSSL for now. Would this affect my setup? On Apr 11, 4:11 am, Matija Hiti <[email protected]> wrote: > First try if server replies anything through https. > Openhttps://0.ape.your-domain.com:442in your browser. You should get the same > response as withhttp://0.ape.your-domain.com:6969 > > If this works, dig into the jsf settings. Otherwise, search for issues on > server. > > For the server certificate: you need two of them. One for the apache > serving the files (yourdomain.com) and one wildcard for stunnel (*. > ape.your-domain.com). Stunnel works with bundle file, which includes your > certificate, ca certificate and intermediate certificates, if they exist. > Add foreground=yes or check the stunnel error log for errors when you run > it. > > Matija > > On 10 April 2012 14:04, Gino <[email protected]> wrote: > > > > > > > > > I realized in my previous post I placed the port as 443. That was just > > a typo, my configuration has the port set to 442, same port that is > > set in my apeClientJS.js > > so my stunnel.conf should be: > > > cert = /etc/stunnel/my_main_cert.pem > > cert = /etc/stunnel/my_ape_cert.pem > > cert = /etc/stunnel/my_wildcard_cert.pem > > sslVersion = SSLv3 > > debug = 7 > > output = /var/log/stunnel4/stunnel.log > > [ape] > > accept = 442 > > connect = 6969 > > > and I still get an error with the Check tool - fail to contact > >https://ape.my-domain.com:442 > > > I still haven't been able to get stunnel to work with APE. I've been > > reading what I could find in the internet, but no solution yet. > > Could someone share what certificates they have installed in their web > > server and stunnel server. > > I'm thinking my problem may lie with the certificates I have. As of > > now I'm using certificates made with OpenSSL. > > > I hope someone can help! > > > -- > > You received this message because you are subscribed to the Google > > Groups "APE Project" group. > > To post to this group, send email to [email protected] > > To unsubscribe from this group, send email to > > [email protected] > > For more options, visit this group at > >http://groups.google.com/group/ape-project?hl=en > > --- > > APE Project (Ajax Push Engine) > > Official website :http://www.ape-project.org/ > > Git Hub :http://github.com/APE-Project/ -- You received this message because you are subscribed to the Google Groups "APE Project" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/ape-project?hl=en --- APE Project (Ajax Push Engine) Official website : http://www.ape-project.org/ Git Hub : http://github.com/APE-Project/
