apache - Why isn't curl working with my TLS ngrok tunnel? -

-

when run curl --insecure 'https://foo.ngrok.io/page' on tls tunnel apache ip-based virtual host, "400 bad request" response saying "your browser sent request server not understand...reason: you're speaking plain http ssl-enabled server port...instead use https scheme access url, please."

however if use curl make request directly localhost address e.g. curl --insecure 'https://foo/page' correct response. also, if make request in browser https://foo.ngrok.io/page correct response.

i'm running: os x 10.9.5, apache 2.4, ngrok2, , curl 7.43.0. ssl certificate self-signed.

what noticed access log when use curl on foo.ngrok.io http/1.1 requests changed http/1.0 requests. also, here's corresponding relevant bits error log:

ssl_engine_kernel.c(1824): [client 127.0.0.2:50517] openssl: exit: error in sslv2/v3 read client hello [client 127.0.0.2:50517] ah01996: ssl handshake failed: http spoken on https port; trying send html error page ssl library error: error:1407609c:ssl routines:ssl23_get_client_hello:http request -- speaking http https port!? protocol.c(616): [client 127.0.0.2:50517] request received client: / http/1.0 http_filters.c(1042): [client 127.0.0.2:50517] response sent status 400, headers:

apache virtual host configuration 

listen 127.0.0.2:443 <virtualhost 127.0.0.2:443>         servername foo         documentroot /users/me/site         errorlog "/usr/local/var/log/apache2/foo_error_log"         customlog "/usr/local/var/log/apache2/foo_access_log" common         <directory "/users/me/site">                 allowoverride                 allow                 options -indexes         </directory>         <ifmodule ssl_module>                 sslengine on                 <directory "/users/me/site">                         ssloptions +stdenvvars                 </directory>                 sslcertificatekeyfile "/usr/local/etc/apache2/2.4/ssl/foo.key"                 sslcertificatefile "/usr/local/etc/apache2/2.4/ssl/foo.crt"         </ifmodule> </virtualhost>

apache ssl configuration 

sslrandomseed startup file:/dev/urandom 512 sslrandomseed connect file:/dev/urandom 512 sslciphersuite high:medium:!anull:!md5 sslpassphrasedialog  builtin sslsessioncache "shmcb:/usr/local/var/run/apache2/ssl_scache(512000)" sslsessioncachetimeout 300

ngrok.yml configuration 

authtoken: <omitted> tunnels:   foo:     addr: 127.0.0.2:443     proto: tls     hostname: "foo.ngrok.io"

currently, http client (curl, browser, etc) must support sni in order communicate ngrok on https. implicates both tls , http ngrok tunnels.


Comments

Post a Comment

Popular posts from this blog

yii2 - Yii 2 Running a Cron in the basic template -

-
i have seen instructions on running cron in advanced template, cant figure out how on basic template. have following controller in basic controllers folder. <?php namespace app\controllers; use yii\console\controller; /** * cron controller */ class croncontroller extends controller { public function actionindex() { echo "cron service runnning"; } public function actionmail($to) { echo "sending mail " . $to; } } i have navigated root of application , tried these comands yii cron php yii cron im getting unknown comand "cron" i know old question failed find actual answer this. if @ code yii exec file you'll notice requires /common/config/aliases.php file console/config/main.php. can naturally change these or copy on these advanced template. hope solves problem wanting same thing.
Read more

asp.net - 'System.Web.HttpContext' does not contain a definition for 'GetOwinContext' Mystery -

-
i realize question might seem trivial some, it's these types of things find myself fighting quite bit , want make sense of despite seeming losing battle in .net (for me anyway). so, if following: using system.web; ... applicationuser user = system.web.httpcontext.getowincontext().getusermanager<applicationusermanager>().findbyid(system.web.httpcontext.user.identity.getuserid()); that produces error in title , red getowincontext() , error cannot resolve symbol 'getowincontext()' however, if following (remove system.web in front of httpcontext ), works expected (or @ least no errors): using system.web; ... applicationuser user = httpcontext.getowincontext().getusermanager<applicationusermanager>().findbyid(system.web.httpcontext.user.identity.getuserid()); however, if (same line that's working using system.web commented out): //using system.web; ... applicationuser user = httpcontext.getowincontext().getusermana...
Read more

mercurial graft feature, can it copy? -

-
there new feature in mercurial 3, called 'graft' (graft local). job of moving change-set different branch. is there way "copy" change-set branch? i interested in in moving stuff qa branch production branch, still need code reside in qa. want copy. found , have tried few things, maybe it'll become clear more tinkering , reading... does have better way of 'cherry picking' change-sets move cross branch (or trunk)??? graft copies changesets, doesn't move them. hg graft (emphasis mine): this command uses mercurial's merge logic copy individual changes other branches without merging branches in history graph. known 'backporting' or 'cherry-picking' . default, graft copy user, date, , description source changesets.
Read more