Trying to setup a virtual host with SSL enabled on my opdk setup here. No matter what SSL certficate we use (Verisign/selfsigned) , we are not able to make a successful connection to the VH.
Opdk version: 15.04
# mycurl http://localhost:8080/v1/o/myorg/e/myenv/virtualh...
{ "hostAliases" : [ "api-perf.mydomain.com", "api-perf.mydomain.com:*" ], "interfaces" : [ "eth0" ], "name" : "TEST_SSL_VH", "port" : "7443", "sSLInfo" : { "ciphers" : [ ], "clientAuthEnabled" : false, "enabled" : true, "ignoreValidationErrors" : false, "keyAlias" : "TestSSLKeystore", "keyStore" : "TestSSLKeystore", "protocols" : [ ] } }
# openssl s_client -connect 10.10.2.36:7443 CONNECTED(00000003) 139755188246176:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 225 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE ---
can you try ?
curl -v -k 'https://10.10.2.36:7443'
Here you go.
$ curl -v -k 'https://10.10.2.36:7443' * About to connect() to 10.10.2.36 port 7443 (#0) * Trying 10.10.2.36... connected * Connected to 10.10.2.36 (10.10.2.36) port 7443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * warning: ignoring value of ssl.verifyhost * NSS error -5938 * Closing connection #0 * SSL connect error curl: (35) SSL connect error
Is the proxy deployed on the VHost? Only when a proxy is deployed to use the Vhost/Port combination will the port start listening and you will be able to make a SSL connection. Just creating a VHost configuration will not make the endpoint operational.
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |