My domain is: https://socialsend.org
I ran this command: sudo certbot --apache
My web server is (include version): apache 2.4
The operating system my web server runs on is (include version): it is ubuntu 16
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The main domain or the inner urls does not have any issue but I am using socket connection on port 8081 and getting error for the
url example:
https://socialsend.org:8081/socket.io/?EIO=3&transport=polling&t=MQuOyUi
Error:
Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH
rg305
October 28, 2018, 3:21am
2
I’m unable to connect securely to https://socialsend.org:8081/
It seems that port 8081 is not being served with the same protocols/ciphers as https://socialsend.org:443/ [which works correctly]
Can you provide more detail on the port 8081 vhost config?
Yeah because if I add port 8081 inside the apache it will consider https://socialsend.org:8081/socket.io and
https://socialsend.org/socket.io as same url then I will get error that the urls does not exist (as they are not in my laravel route system)
rg305
October 28, 2018, 4:09am
4
I’m not sure I follow.
Using a separate vhost config for port 8081, Apache can:
Reach a different document root.
Reach a different internal system [by proxy].
If they are completely separate systems that can’t see each other…
Then how will you be getting them to use the same cert?
I have 2 platform on my server:
1- laravel which is the default url such as https://socialsend.org:443/ or https://socialsend.org/
2- Nodejs which I assign using port 8081 so https://socialsend.org:443/ and https://socialsend.org:8081/ should not call same url, https://socialsend.org:443/ is calling default url which is fine. but if inside ports.conf of apache I add 8081 as below then it will treat https://socialsend.org:8081/ and https://socialsend.org/ same
Listen 0.0.0.0:80
<IfModule ssl_module>
Listen 0.0.0.0:443
Listen 0.0.0.0:8081
</IfModule>
But I did not define anything for url with port 8081 without ssl before, I mean http://socialsend.org:8081/socket.io was working fine before without touching apache, I just installed nodejs and define socketjs file and it worked, now you mean for ssl I should define path for port 8081 inside apache, I do not even know what path I should give too…
I think most likely the problem is from cert file, because normal combo ssl that I bought before did not have this issue…
rg305
October 28, 2018, 6:43am
7
What does the vhost/configuration file look like that serves port 8081?
You don’t have to serve port 8081 from Apache - if nodejs can serve it and be reached from the Internet.
I only offered that to maybe resolve the problem.
The trouble is: I don’t yet really understand the problem well enough to give you any advice.
Do you want the nodejs port 8081 site to be reached from the Internet?
Yes I want the nodejs socket reached through port 8081 with https
rg305
October 28, 2018, 6:58am
9
Ok then the nodejs and Apache configs should remain separate (for now).
Can you show the nodejs config that covers port 8081?
rg305
October 28, 2018, 7:07am
11
And also the nodejs version.
Are you able to successfully connect to port 8081 from any IP (internal or external)?
What version of OpenSSL is installed? (or whatever TLS libraries nodejs relies on)
Yes can call through IP without any issue,
Nodejs version is v4.2.6
openssl:
Installed: 1.1.0h-2.0+ubuntu16.04.1+deb.sury.org+1
Candidate: 1.1.0h-2.0+ubuntu16.04.1+deb.sury.org+1
Version table:
*** 1.1.0h-2.0+ubuntu16.04.1+deb.sury.org+1 500
500 http://ppa.launchpad.net/ondrej/php/ubuntu xenial/main amd64 Packages
100 /var/lib/dpkg/status
1.0.2g-1ubuntu4.13 500
500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages
1.0.2g-1ubuntu4 500
500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
rg305
October 28, 2018, 7:19am
13
nodejs stable is now at version 8.12.0 [LTS]
and 11.0.0 for latest features.
I think maybe you are due for an upgrade.
Or maybe changing:
var server = require('http').Server();
to
var server = require('https').Server();
was NOT the correct way to implement https.
Shouldn’t it be more like:
… server = tls.createServer
…
I see ‘server
’, but where do you define ‘Server
’ ?
system
Closed
November 27, 2018, 7:19am
14
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.