-
Notifications
You must be signed in to change notification settings - Fork 102
Error with secure connection SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown #61
-
Hi
I have followed the instruction given in TLS.md to setup secure webserver.
My browser client & stunnel and wsserver running in my PC itself. It is working fine without secure connection.
I am getting below error message from stunnel whenever i am trying to connect using wss.
2022年08月23日 21:31:05 LOG5[3]: Service [https] accepted connection from 127.0.0.1:50354
2022年08月23日 21:31:05 LOG3[3]: SSL_accept: ssl/record/rec_layer_s3.c:1584: error:0A000416:SSL routines::sslv3 alert certificate unknown
STUNNEL CONFIGURATION
; TLS front-end to a web server
[https]
accept = 127.0.0.1:6009
connect = 127.0.0.1:6010
cert = server.pem
I could not understand what is wrong. Please can you help me on resolving this.
Beta Was this translation helpful? Give feedback.
All reactions
Hi @NathanMani,
I wasn't able to reproduce the exact same error message as you, but rather:
2022年08月26日 00:33:13 LOG7[0]: Service [wsServer] started
2022年08月26日 00:33:13 LOG7[0]: Setting local socket options (FD=3)
2022年08月26日 00:33:13 LOG7[0]: Option TCP_NODELAY set on local socket
2022年08月26日 00:33:13 LOG5[0]: Service [wsServer] accepted connection from 127.0.0.1:39428
2022年08月26日 00:33:13 LOG6[0]: Peer certificate not required
2022年08月26日 00:33:13 LOG7[0]: TLS state (accept): before SSL initialization
2022年08月26日 00:33:13 LOG3[0]: SSL_accept: ssl/record/ssl3_record.c:321: error:1408F09C:SSL routines:ssl3_get_record:http request
2022年08月26日 00:33:13 LOG5[0]: Connection reset: 0 byte(s) sent to ...Replies: 1 comment
-
Hi @NathanMani,
I wasn't able to reproduce the exact same error message as you, but rather:
2022年08月26日 00:33:13 LOG7[0]: Service [wsServer] started
2022年08月26日 00:33:13 LOG7[0]: Setting local socket options (FD=3)
2022年08月26日 00:33:13 LOG7[0]: Option TCP_NODELAY set on local socket
2022年08月26日 00:33:13 LOG5[0]: Service [wsServer] accepted connection from 127.0.0.1:39428
2022年08月26日 00:33:13 LOG6[0]: Peer certificate not required
2022年08月26日 00:33:13 LOG7[0]: TLS state (accept): before SSL initialization
2022年08月26日 00:33:13 LOG3[0]: SSL_accept: ssl/record/ssl3_record.c:321: error:1408F09C:SSL routines:ssl3_get_record:http request
2022年08月26日 00:33:13 LOG5[0]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
and I realized that this is a small error from wsServer, more specifically from echo.html: the example file was trying to connect via: ws://localhost:443, instead of wss://localhost:443 (note the extra 's') and so the browser did not know it was a secure connection.
Fixed that (6287e2a), now works without any issues.
You should now be able to connect without any issues. Please follow TLS.md carefully as there are many small details to follow.
Beta Was this translation helpful? Give feedback.