|
|
Boost Users : |
From: Osman Zakir (osmanzakir90_at_[hidden])
Date: 2022-07-21 01:31:48
Hello. Message for update to previously-reported issue.
It turns out that the "bad method" error was because of the boost::asio::ssl::context​ object methods I mentioned in the subject of this email. Reading the certs in from the files into std::string​s manually and using use_certificate​ and use_certificate_chain​ instead is better, at least from what I saw.
I still have an error in the browser (code: ERR_SSL_PROTOCOL_ERROR) when I try to visit my running app saying that the connection for the site isn't secure and that it gave back an invalid response. And running the command
openssl s_client -connect <ip_address>:5501 -servername dragonosman.dynu.net
​gave this result:
CONNECTED(00000148)
11784:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:ssl\record\rec_layer_s3.c:1544:SSL alert number 70
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 322 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
​and when command exits, I see this error in my server console window:
Lines 625 and 626:
handshake: unsupported protocol (SSL routines, tls_early_post_process_client_hello)
Lines 646 and 647:
read: unspecified system error
​I'm assuming this is a HTTP/2 upgrade request inside a TLS ClientHello message, but is that enough reason for the SSL error I'm getting in my browser? Anyway, I've sent an email on the OpenSSL users mailing list to ask how to parse the ClientHello message, so hopefully I'll get something from there.
Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net