I am trying to connect UV4L to a Janus-gateway server, but receiving a SSL Exception on the UV4L client.
uv4l[294]: <warning> [server] Janus session error: SSL Exception
Its possible to send POST requests from the Pi Zero via cURL to the Janus-gateway server. But UV4l seems to have problems.
Setup
Pi Zero W
accessible via https (reverse proxy)
certficates generated via LetsEncrypt
Camera and UV4L installed
UV4L runs with http
Pi 4
accessible via https (reverse proxy)
certficates generated via LetsEncrypt
Janus-gateway installed
Would appreciate any help.
Related
I want to deploy a mern project on ssl. Currently it is running on server with ip address but when I deploy it on ssl it is not running. It is working fine on http.
I have change on node modules transport-node and make it http to https.
1-I am using nginx as proxy server
When I deploy on ssl it give error:-
1-emitter.js?8a6f:50 OPTIONS https://privateIp:port/ net::ERR_SSL_PROTOCOL_ERROR
2-websocket.js?0f24:6 WebSocket connection to 'ws://privateip/sockjs-node/831/bocznd0p/websocket' failed: Error during WebSocket handshake: Unexpected response code: 400
3- your request is http,while it is require https.(handshake problem)
I have an existing ssl certificate through LetsEncrypt for my domain. On the same server as my site I have an express app running at port :8080. Before adding the SSL to the domain I was able to make requests to http://domainname:8080.com. Now that the domain making the requests is https it obviously can't make those requests. If I instead make requests to https://domainname:8080.com, I get no response and instead get a timeout error.
I have attempted to curl -X -POST on the server manually and it returns (35) gnutls_handshake() failed: The TLS connection was non-properly terminated. If I however run the same command pointing to the non https domain it executes correctly. I also tried installing the https modules for express and pointing it to the same certs I'm using for the domain. For all my effort I cannot get this to work. What am I missing here? I want to make requests to a port on the same server that is serving my app.
Setup a reverse proxy in my nginx site config from the domain to the ip address the express server was running on. This solved all the issues I was having.
My base case is that my Meteor App runs perfectly on Opsworks.
I do a Meteor build, tweak the files and all is good (without HTTPS/SSL). I am not using METEORUP. I just upload my tweaked build file and deploy on opsworks.
Also, I am using the out of the box Opsworks HAPROXY loadbalancer.
I then install the SSL certificates for my app and set Meteor to list on PORT=443 as per screenshot:
In the browser, I see:
503 Service Unavailable
No server is available to handle this request.
In the log files I see:
Mar 8 03:22:51 nodejs-app1 monit[2216]: 'node_web_app_buzzy' start: /bin/bash
Mar 8 03:23:51 nodejs-app1 monit[2216]: 'node_web_app_buzzy' failed, cannot ope
n a connection to INET[127.0.0.1:443/] via TCPSSL
Any ideas welcome
Your HAproxy configuration is expecting meteor/node to respond with SSL.
It should instead, terminate SSL and talking to node/meteor in plain HTTP. This is because, meteor doesn't do SSL ; it expects a server in front to handle it.
Solution:
Update the frontend https-in section to terminate ssl and redirect to the http backend
defaults
#... add this line to enable the `X-Forwarded-For` header
option forwardfor
# ...
# .... update this section ...
frontend https-in
mode tcp
# this bit causes HAProxy to talk TLS rather than just forward the connection
bind :443 ssl crt /path/to/your/certificate
reqadd X-Forwarded-Proto:\ https
# now direct it to your plain HTTP application
acl nodejs_application_buzzy_domain_buzzy hdr_end(host) -i buzzy
use_backend nodejs_app_servers if nodejs_application_buzzy_domain_buzzy
I have one Custom Linux board on which I want to
run apache web server (httpd) to test HTML
and other web based pages.
I have configured, cross compiled and installed httpd (2.2.24, 2.4.1, 2.4.4 and 2.4.9 packages) on my Linux PC (Ubuntu 12.04 LTS) as well as
on my own custom Linux board. Then I have added support of SSL Module (mod_ssl) to test HTTP as well as HTTPS request.
Both HTTP and HTTPS request works fine without any issue on my Linux PC (Ubuntu 12.04 LTS). But when I tried to execute same HTTP request
on my Linux Board using httpd (2.4.4 and 2.4.9 with SSL Module Enabled) at that time browser page goes into loading state and can not be came out from that situation.
Also I have seen that HTTPS request works fine at that time ( not HTTP )
I have also did some debugging task through wire-shark tool and found that connection is established successfully after sending request through HTTP
but can not get response of that request. I have also found that response of that HTTP request received on wire-shark after closing that HTTP
requested page from browser.
Also, I can run HTTP and HTTPS requests successfully using httpd (2.2.24 and 2.2.27 with SSL Module enabled) on my Linux Board as well but failed to execute same request
using httpd (2.4.X with SSL Module enabled) package.
I have also changed some configurations by creating different virtual host for HTTP (Port 80) and HTTPS (Port 443) but still failed to
execute that HTTP request.
I have also tried to listen on different ports like (Listen 80 and Listen 8000) without SSL module (using httpd 2.4.4. and 2.4.9 ) at that
time HTTP request goes into loading state.
Basically all thing works in version 2.2.x but not in 2.4.x.
Does anyone has idea about this issue or help me to solve this type of issue?
I have faced similar type of problem while requesting HTTP Page on multiple Listen Directive in my custom linux board.
Please configure APR Package with ac_cv_o_nonblock_inherited=no flag and configured int with httpd package which will solve HTTP request failed issue on multiple Listen Port.
I have a RHEL5 server in a private zone. I've set up a transparent proxy for ports 80 and 443. When I try a wget on 443, I get the following:
# wget -O- https://www.google.com
--2013-02-14 15:16:50-- https://www.google.com/
Resolving www.google.com... 74.125.129.147, 74.125.129.104, 74.125.129.106, ...
Connecting to www.google.com|74.125.129.147|:443... connected.
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
Unable to establish SSL connection.
I assume the proxy works because it's connecting. I don't know what else could be causing this.
This OpenSSL error indicates that wget sent the initial SSL ClientHello message, but gets an unexpected response from the server (or proxy) which was not an SSL ServerHello message.
This can be because the proxy speaks plain HTTP with the client, instead of HTTPS, because of a configuration error (e.g. with squid if port 443 is redirected to a http_port instead of https_port with the transparent option), or because it does not support transparent proxying of SSL at all. To debug, you may try connecting to http://www.google.com:443/ to see what happens. To know what's going on, you might want to run tcpdump while connecting to see what the server responds with. Also check the error log of your transparent proxy.
Without the transparent proxy configuration it is hard to tell what the problem is.