Re: [modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 
Ohh ok testing right away!, thanks

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Re: [modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 
BTW the things that did not show anything about the 443 were when mod_wsgi 
was off.

Because when I restart the mod_wsgi I can see the port being used by 
mod_wsgi when use

> sudo netstat -tulpn

also when I run

> lsof -i :443

 

>  

 

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Re: [modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 
Ok, the apache instance that where active (for the cpanel/whm I suppose) is 
already disabled, I used
>
> WHM >> Home >> Service Configuration >> Service Manager

Because using:

> /usr/sbin/apachectl stop 


was temporal, cpanel/whm was looking for that process and if it was 
stopped, it can be re-started automatically. 

Anyway, so as far as I know, no other apache instance is running.
I ran

> lsof -i :443

nothing comes out.
Also ran

> sudo netstat -tulpn

And I can see the :80 port and :8000 port listening and being used by the 
mod_wsgi that I have as test on those ports, but no 443...

Actually I ran all the commands I found using *netstat* and non of them 
showed the 443 as listening port, could it be that the port is not open and 
listening? (just wandering)

Also ran

> traceroute -p 443 mytademex.com


 And it seems that no difference is detected when mod_wsgi is on or off.
Always hits
*With mod_wsgi stopped*
traceroute to mytademex.com (127.0.0.1), 30 hops max, 60 byte packets
 1  localhost (127.0.0.1)  0.078 ms  0.086 ms  0.037 ms
*With mod_wsgi started*
traceroute to mytademex.com (127.0.0.1), 30 hops max, 60 byte packets
 1  localhost (127.0.0.1)  0.124 ms  0.042 ms  0.052 ms

I also re-ran 

> telnet mytademex.com 443

 and it seems that just stop connection, so thinking that no one is 
listening?

> Trying 127.0.0.1...
> telnet: connect to address 127.0.0.1: Connection refused
> Trying 108.179.223.220...
> telnet: connect to address 108.179.223.220: Connection refused


Also tested the above telnet command and writing some http request

> Trying 127.0.0.1...
> Connected to mytademex.com.
> Escape character is '^]'.
> GET / HTTP/1.1 *###wrote this request*
> Host: mytademex.com *###wrote this request*
> HTTP/1.1 302 Found
> Date: Thu, 22 Feb 2018 03:27:46 GMT
> Server: Apache
> Location: https://mytademex.com:None/
> Content-Length: 211
> Connection: close
> Content-Type: text/html; charset=iso-8859-1
> 
> 
> 302 Found
> 
> Found
> The document has moved  href="https://mytademex.com:None/;>here.
> 
> Connection closed by foreign host.

 
I also tested the above with my mytademex.com:80 HTTPS instance that's 
running without any visible errors, and I have

> Trying 127.0.0.1...
> Connected to mytademex.com.
> Escape character is '^]'.
> GET / HTTP/1.1 *###My manual request*
> Host: mytademex.com *###My manual request*
> HTTP/1.1 302 Found
> Date: Thu, 22 Feb 2018 03:27:05 GMT
> Server: Apache
> Content-Length: 0
> Location: /login/
> x-xss-protection: 1; mode=block
> Vary: Cookie
> X-Frame-Options: DENY
> x-content-type-options: nosniff
> Connection: close
> Content-Type: text/html; charset=utf-8
> Connection closed by foreign host.


In which I can recognize the "location" part as "/login/" one of my urls. 

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Re: [modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 
I restarted the mod_wsgi and ran curl -v https://mytademex.com from my 
ubuntu machine.
I have this result

> * Rebuilt URL to: https://mytademex.com/
> *   Trying 108.179.223.220...
> * Connected to mytademex.com (108.179.223.220) port 443 (#0)
> * found 148 certificates in /etc/ssl/certs/ca-certificates.crt
> * found 597 certificates in /etc/ssl/certs
> * ALPN, offering http/1.1
> * gnutls_handshake() failed: An unexpected TLS packet was received.
> * Closing connection 0
> curl: (35) gnutls_handshake() failed: An unexpected TLS packet was 
> received.



-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Re: [modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 

>
> Stop mod_wsgi-express and do the same thing.
>
curl -v https://mytademex.com
* About to connect() to mytademex.com port 443 (#0)
*   Trying 127.0.0.1... Connection refused
*   Trying 108.179.223.220... Connection refused
* couldn't connect to host
* Closing connection #0
curl: (7) couldn't connect to host
 

> Does it say can't even connect, or does it still connect?
>
Does not connect. 

> Do you have any environment variables that may be set which is causing a 
> proxy to be used?
>
I don't know, only env vars that I set are PYTHONPATH, and 
DJANGO_SETTINGS_MODULE
But the VPS has WHM and CPanel, I don't know if they have something set.

> If you have 'telnet' on the host, what happens if you type 'telnet 
> mytademex.com 443' and press return
>
*Before I stoped mod_wsgi*
Trying 127.0.0.1...
Connected to mytademex.com.
Escape character is '^]'. *### From top 127... to here is what appeared 
when I ran command*
hola  *### I typed this and hit enter again*
HTTP/1.1 400 Bad Request
Date: Thu, 22 Feb 2018 02:31:02 GMT
Server: Apache
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1



400 Bad Request

Bad Request
Your browser sent a request that this server could not understand.


Connection closed by foreign host.
*After I stoped mod_wsgi*
Trying 127.0.0.1...
Connected to mytademex.com.
Escape character is '^]'.
hola
HTTP/1.1 400 Bad Request
Date: Thu, 22 Feb 2018 02:31:02 GMT
Server: Apache
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1



400 Bad Request

Bad Request
Your browser sent a request that this server could not understand.


Connection closed by foreign host.

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

[modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 
Oh ok, I ran these one. 

> python manage.py runmodwsgi --setup-only --port=443 --user mytademe 
> --group mytademe --server-root=/etc/mod_wsgi-443 --server-name 
> mytademex.com --ssl-certificate /etc/pki/tls/certs/mytademex --https-only  
> --startup-log --access-log 


I have a VPS, so I did SSH to it, then ran the curl -v.

Got this...

* About to connect() to mytademex.com port 443 (#0)
> *   Trying 127.0.0.1... connected
> * Connected to mytademex.com (127.0.0.1) port 443 (#0)
> * Initializing NSS with certpath: sql:/etc/pki/nssdb
> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>   CApath: none
> * NSS error -12263
> * Closing connection #0
> * SSL connect error
> curl: (35) SSL connect error
>

So I rechecked the base directory, then found that I have

> /etc/pki/tls/certs/
> mytademexCA_bundle.crt  mytademex.crt   mytademex.key


The CA one is the bundle that I think is the chain file, so I deleted it.

Ran again the command the command and tested the

> curl -v https://mytademex.com


And get the same:

> * About to connect() to mytademex.com port 443 (#0)
> *   Trying 127.0.0.1... connected
> * Connected to mytademex.com (127.0.0.1) port 443 (#0)
> * Initializing NSS with certpath: sql:/etc/pki/nssdb
> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>   CApath: none
> * NSS error -12263
> * Closing connection #0
> * SSL connect error
> curl: (35) SSL connect error

 

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

[modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 
BTW, startup_log does not have anything at all.

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

[modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-21 Thread Rafael Karosuo 
I just added the part of *--ssl-certificate*, now running

python manage.py runmodwsgi --setup-only --port=443 --user myuser --group 
> mygroup --server-root=/etc/mod_wsgi-443 --server-name mytademex.com 
> --ssl-certificate-file /etc/pki/tls/certs/mytademex.crt 
> --ssl-certificate-key-file /etc/pki/tls/certs/mytademex.key 
> --ssl-certificate-chain-file /etc/pki/tls/certs/mytademexCA_bundle.crt 
> --ssl-certificate /etc/pki/tls/certs/mytademex --https-only  --startup-log 
> --access-log


 but it still says the same *SSL_PROTOCOL_ERR* in my browser when I try to 
connect to the site.

I also tried adding "*localhost myhostname.com*" and "*my.ip myhostname.com*" 
at */etc/hosts* with no success.

I'm still not getting any error in my *error_log* and can not go into 
*apachectl status*

Any idea of what can I do to fix it?

Thanks again in advance

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

[modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-15 Thread Rafael Karosuo 





I'm using django 1.11.4.
You were right, I had BASE_DIR poiting to (in this example names case) to 
/home/ser_user/my_project/my_project
I fixed and then ran the following
>
> source /sbenv/bin/activate

export DJANGO_SETTINGS_MODULE='my_project.settings.production' 

python manage.py diffsettings

Then I get that BASE_DIR is

> BASE_DIR='/home/server_user/my_project' # the top container


Where
-*my_project (the top container)*
manage.py
static
more dirs...(the django apps)
*my_project*
---wsgi.py
---urls.py
---settings
---base.py
---development.py
---production.py
 
Also had to modify the wsgi.py export DJANGO_SETTINGS_MODULE to my specific 
one (production.py), before it was the default.

Then, I can run correctly the command --setup-only to run the server in 
port 80 with HTTP.

Now, I when I use the SSL options, I'm still having the (
ERR_SSL_PROTOCOL_ERROR) and in this case when I run 
/etc/mod_wsgi-443/apachectl status, wheter if it is with a sudo or not, it 
says

> You don't have  permission to access /server-status on this server

With a title of "Forbidded"

My error_log says:


 
I ran the command



-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

[modwsgi] Re: When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-13 Thread Rafael Karosuo 
I started testing the information you gave me.
I'm stuck with an import error since I used the server-root option.
I assumed that doing something like

> export PYTHONPATH='my_project_container_dir/my_parent_module'

would be enough before doing the *apachectl start* command, but it is not 
working correctly

Dir structure is as follows
my_project_container_dir/
   my_parent_module/
  __init__.py
  ...(urls, wsgi.py, etc)
  settings/
 __init__.py
 production.py
   ...(django apps, manage.py, etc, no __init__.py file)

When I check the *error_log*, it shows an *import error* saying that 
"my_project_container_dir" is not found.

At this point, I already set up the DJANGO_SETTINGS_MODULE correctly, after 
doing the *python manage.py runmodwsgi*, and *apachectl start*.

... I've tested that if I modify the DJANGO_SETTINGS_MODULE in manage.py I 
can patch this import error (but brake my internal references)
I think that the problem is not modifying the manage.py, but, is the 
manage.py executed after doing the apachectl start command? or can you 
please point me out what am I missing here?

Thanks a lot in advance for all of your help and time.

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Re: [modwsgi] When use mod_wsgi.../apachectl status, Error loading https://localhost:443/server-status: SSL error

2018-02-12 Thread Rafael Karosuo 
OH!, thank you so much, this is a lot of new useful information.
I'm testing it right away.

Do you mean mod_wsgi-express, not mod_wsgi-httpd? Or are you actually using 
> both?
>
 I'm using the mod_wsgi as far as I know, since I use

python manage.py runmodwsgi --reload-on-changes

 And in my virtual env I have installed the mod_wsgi-httpd, and mod_wsgi.
A misunderstood that when installing mod_wsgi-httpd you had your configs in 
an independent mode (separate apache on /tmp for example), and when you 
don't install mod_wsgi-httpd you have it configured in the main apache 
installation, which is wrong.

I'm gonna try to use the mod_wsgi-express script instead of the above 
command then, to use what you suggested me.

Thanks again, I'll let you know if I solved it.

-- 
You received this message because you are subscribed to the Google Groups 
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to modwsgi+unsubscr...@googlegroups.com.
To post to this group, send email to modwsgi@googlegroups.com.
Visit this group at https://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.