Vibe.D TLS problem
Dukc
ajieskola at gmail.com
Tue Oct 27 17:36:53 UTC 2020
I have a Vibe.D server binary that, locally at least, works. But
only without TLS. I want to add TLS to it and test it locally
with a self-signed certificate. I made one with LibreSSL, stored
in `cert.crt` and `key.key`. The application main function:
```
shared static this()
{ import vibe.d;
//the program does check the key files are there before
starting to listen
foreach(fileCheck;
[ tuple("salasanatiivisteet", "generoi salasanojen
tarkistuslista ennen palvelimen käynnistämistä,
salasanageneraattorilla"),
tuple("key.key", "TLS-avain puuttuu. Sen pitäisi olla
nimeltään key.key"),
tuple("cert.crt", "TLS-sertifikaatti puuttuu. Sen pitäisi
olla nimeltään cert.crt"),
])
if (!fileCheck[0].exists || !fileCheck[0].isFile)
{ fileCheck[1].logInfo;
return;
}
auto settings = new HTTPServerSettings;
enum portNumber = 8080;
settings.port = portNumber;
settings.bindAddresses = ["::1", "127.0.0.1"];
settings.sessionStore = new MemorySessionStore;
// these three lines added
settings.tlsContext = createTLSContext(TLSContextKind.server);
settings.tlsContext.useCertificateChainFile("cert.crt");
settings.tlsContext.usePrivateKeyFile("key.key");
// inrelevant stuff...
listenHTTP(settings, router);
}
```
It compiles and starts to listen just like normal, but when
trying to enter the localhost URL, the browser announces "the
connection was reset" and this is logged ten times in the server
side:
```
HTTP connection handler has thrown: Accepting SSL tunnel:
error:1408F09C:SSL routines:ssl3_get_record:http request
(336130204)
```
The server then resumes listening, printing another ten errors if
trying to re-enter the page. Linked openssl.sa is 1.1.1g (the
original, not LibreSSL). Relevant DUB package configuration:
```
"dependencies": {
"vibe-d": "~>0.9.2",
"vibe-d:tls": "*"
},
"subConfigurations": {"vibe-d:tls": "openssl-1.1"},
"versions": [ "VibeHighEventPriority" ],
"versions": [ "VibeDefaultMain" ]
```
More information about the Digitalmars-d-learn
mailing list