Re: [Mojolicious] Mojolicious::Lite HTTPS / SSL / TLS not working

[Stefan Adams]

On Wed, May 22, 2019 at 7:20 AM Celejar  wrote:

> Make sure everything is up to snuff with IO::Socket::SSL
>>
>
> What would you suggest I do, specifically?
>

Unfortunately, I'll be of little help here.   Did listening on https for
your app ever work on this instance that is currently failing?  The latest
version of IO::Socket::SSL is 2.066 -- perhaps update?  I think
IO::Socket::SSL depends on Net::SSLeay, perhaps update it to the latest
version 1.88?  Of course, it's always a good idea to update Mojolicious to
the latest version.  Do those one at a time and test after each update.
What about updating your openssl library openssl, libssl1.0.0, and
libssl-dev?  I'm on Ubuntu 16.04 with openssl 1.0.2g.

Before doing any of that, I'm just curious: openssl, curl, and wget all
fail for you...  what about trying the mojo useragent?

$ mojo get -k https://127.0.0.1:3000
Your Mojo is working!

-- 
You received this message because you are subscribed to the Google Groups 
"Mojolicious" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to mojolicious+unsubscr...@googlegroups.com.
To post to this group, send email to mojolicious@googlegroups.com.
Visit this group at https://groups.google.com/group/mojolicious.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/mojolicious/CACyQ%2BFSo3DJuttjM07D-HDGqXnNTkVeKtrJk1uNiV%2BbzuXE4cg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Mojolicious] Mojolicious::Lite HTTPS / SSL / TLS not working

[Celejar]

On Tuesday, May 21, 2019 at 3:10:24 PM UTC-4, Stefan Adams wrote:
>
> Try your test out with a built-in HelloWorld app:
>
> $ mojo daemon -l https://*:3000
> Server available at https://127.0.0.1:3000
> $ curl -k https://127.0.0.1:3000
> Your Mojo is working!
>
>
~$ mojo daemon -l https://*:3000
Server available at https://127.0.0.1:3000

~$ curl -k https://127.0.0.1:3000
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 
127.0.0.1:3000

I doubt there's a problem with Mojo's SSL implementation as it doesn't 
> really have one -- it relies on IO::Socket::SSL.
>
> $ mojo version
> CORE
>   Perl(v5.22.1, linux)
>   Mojolicious (8.12, Supervillain)
>
> OPTIONAL
>   Cpanel::JSON::XS 4.04+  (n/a)
>   EV 4.0+ (n/a)
>   IO::Socket::Socks 0.64+ (n/a)
> *  IO::Socket::SSL 2.009+  (2.024)*
>   Net::DNS::Native 0.15+  (n/a)
>   Role::Tiny 2.01+(2.06)
>
> You might want to update your Mojolicious to 8.16!
>
>
~$ mojo version
CORE
  Perl(v5.28.1, linux)
  Mojolicious (8.12, Supervillain)

OPTIONAL
  Cpanel::JSON::XS 4.04+  (n/a)
  EV 4.0+ (4.25)
  IO::Socket::Socks 0.64+ (n/a)
  IO::Socket::SSL 2.009+  (2.060)
  Net::DNS::Native 0.15+  (n/a)
  Role::Tiny 2.01+(2.06)

You might want to update your Mojolicious to 8.16!

Make sure everything is up to snuff with IO::Socket::SSL
>

What would you suggest I do, specifically?

Thanks,

On Tue, May 21, 2019 at 12:42 PM Celejar > 
> wrote:
>
>> Hi,
>>
>> I'm trying to access my Mojolicious::Lite web app via HTTPS, but it's not 
>> working: the SSL connection is apparently immediately reset by the server:
>>
>> ~$ perl/app.pl daemon -l https://*:3000
>> [2019-05-21 13:40:24.49479] [10969] [info] Listening at "https://*:3000;
>> Server available at https://127.0.0.1:3000
>>
>> ~$ curl -v -k https://127.0.0.1:3000
>> * Expire in 0 ms for 6 (transfer 0x55d756de3dd0)
>> *   Trying 127.0.0.1...
>> * TCP_NODELAY set
>> * Expire in 200 ms for 4 (transfer 0x55d756de3dd0)
>> * Connected to 127.0.0.1 (127.0.0.1) port 3000 (#0)
>> * ALPN, offering h2
>> * ALPN, offering http/1.1
>> * successfully set certificate verify locations:
>> *   CAfile: none
>>   CApath: /etc/ssl/certs
>> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
>> * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:3000 
>> * Closing connection 0
>> curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 
>> 127.0.0.1:3000
>>
>> ~$ openssl s_client  -connect localhost:3000
>> CONNECTED(0003)
>> write:errno=104
>> ---
>> no peer certificate available
>> ---
>> No client certificate CA names sent
>> ---
>> SSL handshake has read 0 bytes and written 283 bytes
>> Verification: OK
>> ---
>> New, (NONE), Cipher is (NONE)
>> Secure Renegotiation IS NOT supported
>> Compression: NONE
>> Expansion: NONE
>> No ALPN negotiated
>> Early data was not sent
>> Verify return code: 0 (ok)
>> ---
>>
>> ~$ wget -v  https://localhost:3000
>> --2019-05-21 11:17:27--  https://localhost:3000/
>> Resolving localhost (localhost)... ::1, 127.0.0.1
>> Connecting to localhost (localhost)|::1|:3000... failed: Connection 
>> refused.
>> Connecting to localhost (localhost)|127.0.0.1|:3000... connected.
>> GnuTLS: Error in the pull function.
>> Unable to establish SSL connection.
>>
>> Am I doing something wrong, or is something wrong with Mojo's SSL 
>> implementation?
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Mojolicious" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to mojol...@googlegroups.com .
>> To post to this group, send email to mojol...@googlegroups.com 
>> .
>> Visit this group at https://groups.google.com/group/mojolicious.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/mojolicious/59b0dcdb-c5e2-47e9-9a61-72b9ee3bbd48%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Mojolicious" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to mojolicious+unsubscr...@googlegroups.com.
To post to this group, send email to mojolicious@googlegroups.com.
Visit this group at https://groups.google.com/group/mojolicious.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/mojolicious/02377b24-6c8b-4856-9883-1c75bc676659%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.