New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSL Errors - CherryPy Server - Version -> CherryPy==18.1.2 #1808
Comments
Is that the same traceback pasted twice? |
In the logs the error appears like that. The error is thrown twice in other words. I did not paste it 2X. :) |
I mean, there's one traceback in the other info section and behavior. Also, it looks like there's some duplicate text. Better paste the code here too. |
Also, I don't see any process crash. It's just a traceback. |
Oh, I posted the same 2 errors twice. 1 time in the "other information" section another time in the "what is the current behavior" section. |
Yes, the application/process does not crash until about a week or so. The errors are thrown as shown though frequently. |
So there's two separate problems:
|
What about: |
|
500 errors are normally not seen until I try and restart the crashed app server with cron. The SSL tracebacks are peppered throughout the error log but do not seem to impact the functionality. What I mean is there are not any 500 errors thrown from the SSL tracebacks or as a result of the SSL traceback errors. ^_^ |
I can assure you that those exceptions cause the web-server to return 500 Internal Server Error. Also, the restart scenario doesn't seem to be related. If new 500s appear then, look for tracebacks from those requests. |
Interesting. Okay. Thank-you for the help with this. I should probably read more in the documentation. :) |
Maybe this could be reproduced by not having a CA that issued the server cert in the client's chain of trust. |
Not sure what that means. I used the certificate from my domain that "letsencrypt" produced. 0_o |
Should I produce my own cert and private key for the application instead of using the domain's CA and PK? There is some helpful information on how to generate these in the cherrypy documentation at the following URL: https://docs.cherrypy.org/en/latest/deploy.html?highlight=ssl#ssl-support |
No, that's for self-signed certificates. I believe that some of your clients are sending you client certificates that you can't verify. |
Unlikely. That's a limitation of SSL Labs. |
I'm submitting a ...
Do you want to request a feature or report a bug?
Report bug
What is the current behavior?
Server throws traceback errors regarding the SSL certificate. Please see a couple of these errors as follows:
If the current behavior is a bug, please provide the steps to reproduce and if possible a screenshots and logs of the problem. If you can, show us your code.
Please see the code here: https://github.com/further-i-go-less-i-know/cherrypie-ssl-errors/blob/master/ssl_errors.py
I think this is enough to show the SSL configuration and maybe to reproduce the error. The application code is not here but the SSL configuration for the cherrpy server is.
What is the expected behavior?
To not see errors in the cherrypy_errors.log file and to not have the application server crash then start with a 500 error from a cron job. ^_^
What is the motivation / use case for changing the behavior?
Motivation and use case is to have a more reliable server that does not throw errors.
Please tell us about your environment:
OS: Ubuntu 18.04.2 LTS
Browser: Firefox 69.0.1 64-bit
Web Browser: iOS 12 Safari
Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, e.g. stackoverflow, gitter, etc.)
Everything seems to work even when the traceback errors appear complaining about the bad SSL certificate. I am using "LetsEncrypt" certificates from my domain. I am supplying the certificate and the private key to the configuration area of cherrpy. This can be seen in a GitHub repo I created to debug this at the following URL: https://github.com/further-i-go-less-i-know/cherrypie-ssl-errors/blob/master/ssl_errors.py
Eventually, the application crashes. I have noticed that the application crashes about 1 time a week. Then I have a script that is called via cron. The server starts up but anything entered into the form field of the application will result in a 500 error when the submit button is clicked. The error in the logs is regarding a bad SSL cert. Please see the stracktraces for this error as follows. These errors were taken while the server is still running even while throwing these SSL errors. The green check mark in the browser is still there also. There are not any warnings or anything. Well anyway please see the stacktraces again as follows:
Thank-you for reading all of this. :)
The text was updated successfully, but these errors were encountered: