You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Deepak Rokade <sm...@gmail.com> on 2014/06/13 11:13:51 UTC
[users] Re: Failed to setup proxy with SSL for gevent socket io server
Below are logs from apache server when I use mod_proxy.
[Wed Jun 11 08:00:36 2014] [debug] ssl_engine_io.c(1875):
+-------------------------------------------------------------------------+
[Wed Jun 11 08:00:36 2014] [info] Initial (No.1) HTTPS request received
for child 0 (server myserver:443)
[Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(56): proxy: HTTP:
canonicalising URL //myserver:8081//1/
[Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(1513): [client
10.142.149.45] proxy: http: found worker http://myserver:8081/ for
http://myserver:8081//1/?t=1402495154750
[Wed Jun 11 08:00:36 2014] [debug] mod_proxy.c(1036): Running scheme http
handler (attempt 0)
[Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(1980): proxy: HTTP:
serving URL http://myserver:8081//1/?t=1402495154750
[Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2018): proxy: HTTP: has
acquired connection for (myserver)
[Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2074): proxy: connecting
http://myserver:8081//1/?t=1402495154750 to myserver:8081
[Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2200): proxy: connected
//1/?t=1402495154750 to myserver:8081
[Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2451): proxy: HTTP: fam 2
socket created to connect to myserver
[Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2583): proxy: HTTP:
connection complete to 72.163.134.157:8081 (myserver)
[Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(1746): proxy: start
body send
[Wed Jun 11 08:00:36 2014] [debug] mod_deflate.c(615): [client
10.142.149.45] Zlib: Compressed 21 to 23 : URL /socket.io/1/
[Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(1850): proxy: end body
send
[Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2036): proxy: HTTP: has
released connection for (myserver)
[Wed Jun 11 08:00:36 2014] [debug] ssl_engine_kernel.c(1884): OpenSSL:
Write: SSL negotiation finished successfully
[Wed Jun 11 08:00:36 2014] [info] [client 10.142.149.45] Connection closed
to child 0 with standard shutdown (server myserver:443)
On Fri, Jun 13, 2014 at 2:39 PM, Deepak Rokade <sm...@gmail.com> wrote:
>
> I am running my gevent socketio server on port 8081. My django website is
> running on port 8443 through https which is accessed by user from port 8080.
> I want to use proxy SSL connection for socketio server through mod_proxy.
> Below is what I am trying but when I access socketio URL , it gives me
> internal server error
>
> Below do not work
> my configuration in apache
> File : httpd.conf
>
> <VirtualHost *:8080>
> ServerName myserver
> Redirect permanent / https://myserver:8443/
> </VirtualHost>
>
> File : conf/extra/httpd-ssl.conf
>
> Listen 8443
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl .crl
> SSLPassPhraseDialog builtin
>
> <VirtualHost *:8443>
> DocumentRoot "/nobackup/drokade/Installations/release_test/client"
> ServerName myserver
> ServerSignature On
> ServerAdmin you@example.com
> ErrorLog
> "/nobackup/drokade/Installations/release_test/3rdparty/apache/logs/error_log"
> TransferLog
> "/nobackup/drokade/Installations/release_test/3rdparty/apache/logs/access_log"
> SSLEngine on
> SSLProtocol all -SSLv2
> SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES
> SSLHonorCipherOrder on
> SSLCertificateFile
> "/nobackup/drokade/Installations/release_test/server.crt"
> SSLCertificateKeyFile
> "/nobackup/drokade/Installations/release_test/server.key"
> <FilesMatch "\.(cgi|shtml|phtml|php)$">
> SSLOptions +StdEnvVars
> </FilesMatch>
> <Directory
> "/nobackup/drokade/Installations/release_test/3rdparty/apache/cgi-bin">
> SSLOptions +StdEnvVars
> </Directory>
> BrowserMatch ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
> CustomLog
> "/nobackup/drokade/Installations/release_test/3rdparty/apache/logs/ssl_request_log"
> \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
>
> SSLProxyEngine On
> ProxyRequests off
> <Proxy *>
> Order deny,allow
> Allow from all
> </Proxy>
>
> ProxyPass /socket.io http://myserver:8081/ retry=0
> ProxyPassReverse /socket.io http://myserver:8081/
> ProxyPreserveHost on
> ProxyTimeout 1200
>
> </VirtualHost>
>
>
> below is how I am starting my gevent socket server.
>
> hkeyfile=intracer_root_dir+os.path.sep+'server.key'
> hcertfile=intracer_root_dir+os.path.sep+'server.crt'
>
> # Loop forever for the events
> sio_server = SocketIOServer(
> (myserver,8081), MyApp(),
> policy_server=False,).serve_forever()
>
> Also below is how I am accessing the URL in the HTML page
>
> var sock_url="http://myserver:8080";
> socket = io.connect(sock_url);
>
> --
>
> Deepak Rokade
>
--
Deepak Rokade
[users] Re: Failed to setup proxy with SSL for gevent socket io server
Posted by Deepak Rokade <sm...@gmail.com>.
When I try as below , I am able to access my socketio server though I have
to accept exception twice:
my configuration in apache
File : httpd.conf
<VirtualHost *:8080>
ServerName myserver
Redirect permanent /socket.io https://myserver:8081/
Redirect permanent / https://myserver:8443/
</VirtualHost>
<VirtualHost *:8081>
DocumentRoot "/nobackup/drokade/Installations/release_rtt/client"
ServerName myserver
ServerAlias myserver
<Directory
"/nobackup/drokade/Installations/release_rtt/3rdparty/apache/cgi-bin">
Options All
AllowOverride All
Order allow,deny
Allow from all
</Directory>
ProxyRequests off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /socket.io https://myserver:8081/ retry=0
ProxyPassReverse /socket.io https://myserver:8081/
ProxyPreserveHost on
ProxyTimeout 1200
LogLevel debug
AllowEncodedSlashes on
</VirtualHost>
File : conf/extra/httpd-ssl.conf
Listen 8443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
<VirtualHost *:8443>
DocumentRoot "/nobackup/drokade/Installations/release_test/client"
ServerName myserver
ServerSignature On
ServerAdmin you@example.com
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES
SSLHonorCipherOrder on
SSLCertificateFile
"/nobackup/drokade/Installations/release_test/server.crt"
SSLCertificateKeyFile
"/nobackup/drokade/Installations/release_test/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory
"/nobackup/drokade/Installations/release_test/3rdparty/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
below is how I am starting my gevent socket server.
hkeyfile= "/nobackup/drokade/Installations/release_test/server.key"
hcertfile= "/nobackup/drokade/Installations/release_test/server.crt"
# Loop forever for the events
sio_server = SocketIOServer(
(myserver,8081), MyApp(),
policy_server=False,
keyfile=hkeyfile, certfile=hcertfile).serve_forever()
Also below is how I am accessing the URL in the HTML page
var sock_url="http://myserver:8080";
socket = io.connect(sock_url);
On Fri, Jun 13, 2014 at 2:43 PM, Deepak Rokade <sm...@gmail.com> wrote:
>
> Below are logs from apache server when I use mod_proxy.
>
> [Wed Jun 11 08:00:36 2014] [debug] ssl_engine_io.c(1875):
> +-------------------------------------------------------------------------+
> [Wed Jun 11 08:00:36 2014] [info] Initial (No.1) HTTPS request received
> for child 0 (server myserver:443)
> [Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(56): proxy: HTTP:
> canonicalising URL //myserver:8081//1/
> [Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(1513): [client
> 10.142.149.45] proxy: http: found worker http://myserver:8081/ for
> http://myserver:8081//1/?t=1402495154750
> [Wed Jun 11 08:00:36 2014] [debug] mod_proxy.c(1036): Running scheme http
> handler (attempt 0)
> [Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(1980): proxy: HTTP:
> serving URL http://myserver:8081//1/?t=1402495154750
> [Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2018): proxy: HTTP: has
> acquired connection for (myserver)
> [Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2074): proxy: connecting
> http://myserver:8081//1/?t=1402495154750 to myserver:8081
> [Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2200): proxy: connected
> //1/?t=1402495154750 to myserver:8081
> [Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2451): proxy: HTTP: fam 2
> socket created to connect to myserver
> [Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2583): proxy: HTTP:
> connection complete to 72.163.134.157:8081 (myserver)
> [Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(1746): proxy: start
> body send
> [Wed Jun 11 08:00:36 2014] [debug] mod_deflate.c(615): [client
> 10.142.149.45] Zlib: Compressed 21 to 23 : URL /socket.io/1/
> [Wed Jun 11 08:00:36 2014] [debug] mod_proxy_http.c(1850): proxy: end
> body send
> [Wed Jun 11 08:00:36 2014] [debug] proxy_util.c(2036): proxy: HTTP: has
> released connection for (myserver)
> [Wed Jun 11 08:00:36 2014] [debug] ssl_engine_kernel.c(1884): OpenSSL:
> Write: SSL negotiation finished successfully
> [Wed Jun 11 08:00:36 2014] [info] [client 10.142.149.45] Connection
> closed to child 0 with standard shutdown (server myserver:443)
>
>
> On Fri, Jun 13, 2014 at 2:39 PM, Deepak Rokade <sm...@gmail.com>
> wrote:
>
>>
>> I am running my gevent socketio server on port 8081. My django website
>> is running on port 8443 through https which is accessed by user from port
>> 8080.
>> I want to use proxy SSL connection for socketio server through mod_proxy.
>> Below is what I am trying but when I access socketio URL , it gives me
>> internal server error
>>
>> Below do not work
>> my configuration in apache
>> File : httpd.conf
>>
>> <VirtualHost *:8080>
>> ServerName myserver
>> Redirect permanent / https://myserver:8443/
>> </VirtualHost>
>>
>> File : conf/extra/httpd-ssl.conf
>>
>> Listen 8443
>> AddType application/x-x509-ca-cert .crt
>> AddType application/x-pkcs7-crl .crl
>> SSLPassPhraseDialog builtin
>>
>> <VirtualHost *:8443>
>> DocumentRoot "/nobackup/drokade/Installations/release_test/client"
>> ServerName myserver
>> ServerSignature On
>> ServerAdmin you@example.com
>> ErrorLog
>> "/nobackup/drokade/Installations/release_test/3rdparty/apache/logs/error_log"
>> TransferLog
>> "/nobackup/drokade/Installations/release_test/3rdparty/apache/logs/access_log"
>> SSLEngine on
>> SSLProtocol all -SSLv2
>> SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES
>> SSLHonorCipherOrder on
>> SSLCertificateFile
>> "/nobackup/drokade/Installations/release_test/server.crt"
>> SSLCertificateKeyFile
>> "/nobackup/drokade/Installations/release_test/server.key"
>> <FilesMatch "\.(cgi|shtml|phtml|php)$">
>> SSLOptions +StdEnvVars
>> </FilesMatch>
>> <Directory
>> "/nobackup/drokade/Installations/release_test/3rdparty/apache/cgi-bin">
>> SSLOptions +StdEnvVars
>> </Directory>
>> BrowserMatch ".*MSIE.*" \
>> nokeepalive ssl-unclean-shutdown \
>> downgrade-1.0 force-response-1.0
>> CustomLog
>> "/nobackup/drokade/Installations/release_test/3rdparty/apache/logs/ssl_request_log"
>> \
>> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>>
>>
>> SSLProxyEngine On
>> ProxyRequests off
>> <Proxy *>
>> Order deny,allow
>> Allow from all
>> </Proxy>
>>
>> ProxyPass /socket.io http://myserver:8081/ retry=0
>> ProxyPassReverse /socket.io http://myserver:8081/
>> ProxyPreserveHost on
>> ProxyTimeout 1200
>>
>> </VirtualHost>
>>
>>
>> below is how I am starting my gevent socket server.
>>
>> hkeyfile=intracer_root_dir+os.path.sep+'server.key'
>> hcertfile=intracer_root_dir+os.path.sep+'server.crt'
>>
>> # Loop forever for the events
>> sio_server = SocketIOServer(
>> (myserver,8081), MyApp(),
>> policy_server=False,).serve_forever()
>>
>> Also below is how I am accessing the URL in the HTML page
>>
>> var sock_url="http://myserver:8080";
>> socket = io.connect(sock_url);
>>
>> --
>>
>> Deepak Rokade
>>
>
>
>
> --
>
> Deepak Rokade
>
--
Deepak Rokade