Ben, The errors in the log regarding 'Inbound closed before receiving peer's close_notify' and and the EOF are both normal and can be safely ignored. The stuff about SSL_NULL_WITH_NULL_NULL can also be safely ignored since that refers to the protocol used to setup the handshake when a connection is opened. (You can get rid of these messages by turning off jetty debug logging in the 'run-server' script.
Looking at greycells.eu, you don't appear to have applied the modified jar, since looking at socket.io.js line 980 still lists websockets as a possible (and the first) connection mechanism. You want to change this line in the jar to use 'xhr-polling' only. Ali On 6 October 2012 18:23, Ben Hegarty <heg...@gmail.com> wrote: > Hey Ali, > So I finally go my server setup using the SSL with the patches you > mentioned here and I seem to be getting an error in the log... > > https://docs.google.com/open?id=0B5FF_Ld8SzsNa3dwY1gwakhkdzQ > > Feel free to have a look yourself, greycells.eu, the above log is one > person logging in... > Regards > hegsie > > On Thu, Oct 4, 2012 at 3:27 PM, Ali Lown <a...@lown.me.uk> wrote: > >> Sorry, you are correct that the attachments don't go the list mailing >> list itself. >> >> I have put the files in my public dropbox space: >> Keytool: http://dl.dropbox.com/u/62577518/wave/keytool >> Server.config: http://dl.dropbox.com/u/62577518/wave/server.config >> >> Ali >> >> On 4 October 2012 12:06, Ben Hegarty <heg...@gmail.com> wrote: >> > Hey Ali, >> > I don't see you attachment of the config file, could you load it >> somewhere >> > other than here, I think the groups attachements get striped off? >> > Regards >> > hegsie >> > >> > On Thu, Sep 27, 2012 at 4:29 PM, Ali Lown <a...@lown.me.uk> wrote: >> > >> >> Ben, >> >> >> >> Sure. I have attached my server.config (note that I mostly just tack >> >> options on to the bottom as they get added to the WIAB code). >> >> >> >> I use iptables rules to move from 443 to 9898: >> >> >> >> -A PREROUTING -p tcp --destination 71.19.144.245 --dport 443 --j DNAT >> >> --to 71.19.144.245:9898 >> >> >> >> I use a StartSSL certificate (free), so in my keystore I have to >> >> include their intermediate certificate as well as my sites one. (Don't >> >> ask me how I got them there correctly, Java keystores are a pain and I >> >> have long since forgotten (There is some information in the README)) >> >> So, 'keytool -list -keystore wiab.ks' shows: >> >> >> >> Keystore type: JKS >> >> Keystore provider: SUN >> >> >> >> Your keystore contains 1 entry >> >> >> >> wave.eezysys.co.uk, Jan 18, 2012, PrivateKeyEntry, >> >> Certificate fingerprint (MD5): >> >> D0:F7:33:82:90:BA:85:0A:59:73:35:87:F4:E9:58:F2 >> >> >> >> Note that this key is made up of 3 certificates (in order: >> >> wave.eezysys.co.uk, StartSSL Class 1 Primary Intermediate Server CA, >> >> StartCom Certification Authority) >> >> See the attached 'keytool -list -v -keystore wiab.ks' >> >> >> >> Ali >> >> >> >> On 27 September 2012 16:17, Ben Hegarty <heg...@gmail.com> wrote: >> >> > Hey Ali, >> >> > I'm in the process of trying to set this up, is there any chance of >> >> seeing >> >> > how the ssl cert and ports configuration that you used from the >> >> > server.config file? >> >> > Regards >> >> > hegsie >> >> > >> >> > On Tue, Sep 25, 2012 at 10:33 AM, Ali Lown <a.lo...@gmail.com> wrote: >> >> > >> >> >> Comet isn't really an option. >> >> >> >> >> >> The socket.io code is still in the codebase, but if the browser is >> >> >> detected >> >> >> to have a websocket implementation they will be used instead. >> >> >> >> >> >> I was hoping to be able to remove the socket.io code soon since all >> >> major >> >> >> browsers now support websockets (ignoring IE<10). >> >> >> >> >> >> If you only care about it working for your own server, you can >> compile >> >> it >> >> >> with native websockets disabled using the patch here: >> >> >> >> >> >> >> >> >> https://github.com/alown/wave/commit/7b81a846263a89869ff853a051ef381ad4da02e2 >> >> >> You may also need the forced disabled socket.io patch here: >> >> >> >> >> >> >> >> >> https://github.com/alown/wave/commit/1bbc3db4449e92617cf1cf1c05c26144c4ee164a >> >> >> On 25 Sep 2012 10:21, "Ben Hegarty" <heg...@gmail.com> wrote: >> >> >> >> >> >> > Yep same as wave, firefox continually tries to authenticate and >> chrome >> >> >> just >> >> >> > dies straight away, not that I know what it is but could we fall >> back >> >> to >> >> >> > comet (because it seems to be ok) for situations like these? :( >> >> >> > >> >> >> > Bugger really wanted to be able to use wave, thanks again for all >> your >> >> >> help >> >> >> > Ali, you're a star. >> >> >> > Regards >> >> >> > hegsie >> >> >> > >> >> >> > On Tue, Sep 25, 2012 at 10:15 AM, Ali Lown <a.lo...@gmail.com> >> wrote: >> >> >> > >> >> >> > > authenticate >> >> >> > >> >> >> >> >> > >> >> > >> >> > >> >> > -- >> >> > Mobile Phone: +447767-322-122 >> >> > Work Phone: +4420 79485612 >> >> >> > >> > >> > >> > -- >> > Mobile Phone: +447767-322-122 >> > Work Phone: +4420 79485612 >> > > > > -- > Mobile Phone: +447767-322-122 > Work Phone: +4420 79485612
