Hi, We have APE running on our live site and it's been working great so far. Recently we want to start offering our users https connections so I found the recommended solution to APE server with SSL https://github.com/APE-Project/APE_Server/wiki/APE-Server-Configuration-SSL-Tunnel#configure-ape-jsf
So as an experiment I've tried to setup stunnel on our development server. We have an APE server on our dev server at port 6969 http://mydevsite.com:6969 The dev site is setup at http://mydevsite.com My attempt is to get https://mydevsite.com:6968 working ( since port 6969 is being used by APE, I thought I would tie it to 6968 ) I setup stunnel and a self signed certificate My stunnel config is here: cert = /etc/stunnel/stunnel.pem ;sslVersion = SSLv3 debug = 7 output = /var/log/stunnel.log ;disable delay DNS lookup for 'connect' option delay = no ;no time to wait for close_notify! TIMEOUTclose = 0 [ape] accept = 6968 connect = mydevsiteIP:6969 Stunnel started without problems, but https://mydevsite.com:6968 didn't work (I don't see the "APE Server No command given."), although whenever I visit https://mydevsite.com:6968, stunnel.log logged something, 2014.09.05 18:55:38 LOG7[23976:47210037002448]: ape accepted FD=7 from MYPERSONALIP:65001 2014.09.05 18:55:38 LOG7[23976:47209990064448]: ape started 2014.09.05 18:55:38 LOG7[23976:47209990064448]: FD 7 in non-blocking mode 2014.09.05 18:55:38 LOG7[23976:47209990064448]: FD 8 in non-blocking mode 2014.09.05 18:55:38 LOG7[23976:47209990064448]: FD 9 in non-blocking mode 2014.09.05 18:55:38 LOG7[23976:47209990064448]: Connection from MYPERSONALIP:65001 permitted by libwrap 2014.09.05 18:55:38 LOG5[23976:47209990064448]: ape connected from MYPERSONALIP:65001 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): before/accept initialization 2014.09.05 18:55:38 LOG7[23976:47210037002448]: Cleaning up the signal pipe 2014.09.05 18:55:38 LOG6[23976:47210037002448]: Child process 24275 finished with code 0 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 read client hello A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 write server hello A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 write certificate A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 write server done A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 flush data 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 read client key exchange A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 read finished A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 write change cipher spec A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 write finished A 2014.09.05 18:55:38 LOG7[23976:47209990064448]: SSL state (accept): SSLv3 flush data 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 8 items in the session cache 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 0 client connects (SSL_connect()) 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 0 client connects that finished 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 0 client renegotiations requested 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 20 server connects (SSL_accept()) 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 17 server connects that finished 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 0 server renegotiations requested 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 7 session cache hits 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 0 session cache misses 2014.09.05 18:55:38 LOG7[23976:47209990064448]: 2 session cache timeouts 2014.09.05 18:55:38 LOG6[23976:47209990064448]: SSL accepted: new session negotiated 2014.09.05 18:55:38 LOG6[23976:47209990064448]: Negotiated ciphers: AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1 2014.09.05 18:55:38 LOG7[23976:47209990064448]: FD 8 in non-blocking mode 2014.09.05 18:55:38 LOG7[23976:47209990064448]: ape connecting 127.0.0.1:6969 2014.09.05 18:55:38 LOG7[23976:47209990064448]: connect_wait: waiting 10 seconds 2014.09.05 18:55:38 LOG3[23976:47209990064448]: connect_wait: getsockopt: Connection refused (111) 2014.09.05 18:55:38 LOG5[23976:47209990064448]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket 2014.09.05 18:55:38 LOG7[23976:47209990064448]: ape finished (0 left) does that mean stunnel is communicating with APE? Here's our APE config: uid { # "aped" switch to this user/group if it run as root user = daemon group = daemon } Server { port = 6969 daemon = no ip_listen = SERVERIP domain = auto rlimit_nofile = 10000 pid_file = /var/run/aped.pid } Log { debug = 1 use_syslog = 0 logfile = /var/log/ape.log } JSONP { eval_func = Ape.transport.read allowed = 1 } Config { #relative to ape.conf modules = /usr/lib/ape/ modules_conf = /etc/ape/ } Please let me know if you have any ideas on how to fix this, I would really appreciate it. Thanks Wayne -- -- You received this message because you are subscribed to the Google Groups "APE Project" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/ape-project?hl=en --- APE Project (Ajax Push Engine) Official website : http://www.ape-project.org/ Git Hub : http://github.com/APE-Project/ --- You received this message because you are subscribed to the Google Groups "APE Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
