Hi, I am running Zope 2.6.1 on Windows XP Pro. I am trying to get an SSL server running using the m2crypto stuff, following the instructions here: http://www.zope.org/Members/Ioan/ZopeSSL I have got it to a point where the SSL server starts up OK, and the web browser can conenct and do the initial key/certificate negotiation (as shown by browser popups complaining about the cert being out of date) The problem is that no content is visible in either the root or under /manage, and the console has the following error messages. I've tried it with both Mozilla and IE and the same thing happens with both browsers. Anyone got any idea what's going on? Thanks in advance, Mark --- 2003-04-29T13:26:45 INFO(0) ZServer recv: closing channel <ZServer.HTTPS_Server. zhttps_channel connected 127.0.0.1:2412 at 0xae26ac channel#: 0 requests:> unexpected eof ------ 2003-04-29T13:27:10 INFO(0) ZServer recv: closing channel <ZServer.HTTPS_Server. zhttps_channel connected 127.0.0.1:2413 at 0xae26ac channel#: 1 requests:> (0, 'Error') --- _____________________________________________________________________ This message has been checked for all known viruses by the RMS Services Ltd Virus Scanning Service. For further information visit http://www.rms.co.uk or call UK 01454 281265
Mark, It's hard to tell from the log messages, but based upon the fact that the browser seems to be quitting on your server, there's one thing you might want to try. I assume that you're using a self signed certificate. Many browsers (and some command line utilities) don't behave well if they do not recognize the certificate authority (CA) that generated the server certificate. When you are generating your own certificates, unless the browser is set up to handle unknown authorities, this is a common problem. I have better luck when I create my own certificate authority, and then *sign* my own server certificates with it. This is not hard; see the O'reilly book on OpenSSL for info. The certificate authority's public key can be posted somewhere that your users can see it (say, in the root of your document tree for your web server). If your doc tree is /u/www/htdocs/, you can put the public key of the CA into the file ca.crt, and tell your users to browse to: http://your_domain_name/ca.crt Most browsers will recognize ca.crt as a certificate, and will put up a set of dialogs to help the user import the certificate into the browser's database. Once this happens, they will browse https pages from your server without complaint, and are more likely to work correctly. I'm not sure how best to do this using Zope's ZServer, since I use apache for my Zope ssl pages, on a Linux box. But I'd guess it would work on a Windows host as well. Regards, Rob Mark Wheaton wrote:
Hi, I am running Zope 2.6.1 on Windows XP Pro. I am trying to get an SSL server running using the m2crypto stuff, following the instructions here:
http://www.zope.org/Members/Ioan/ZopeSSL
I have got it to a point where the SSL server starts up OK, and the web browser can conenct and do the initial key/certificate negotiation (as shown by browser popups complaining about the cert being out of date)
The problem is that no content is visible in either the root or under /manage, and the console has the following error messages. I've tried it with both Mozilla and IE and the same thing happens with both browsers.
Anyone got any idea what's going on?
Thanks in advance,
Mark
--- 2003-04-29T13:26:45 INFO(0) ZServer recv: closing channel <ZServer.HTTPS_Server. zhttps_channel connected 127.0.0.1:2412 at 0xae26ac channel#: 0 requests:> unexpected eof ------ 2003-04-29T13:27:10 INFO(0) ZServer recv: closing channel <ZServer.HTTPS_Server. zhttps_channel connected 127.0.0.1:2413 at 0xae26ac channel#: 1 requests:> (0, 'Error') ---
-- Rob Thorne Torenware Networks WWW: http://www.torenware.com
participants (2)
-
Mark Wheaton -
Rob Thorne