I got a commercial SSL certificate installed on my ubuntu xenial machine.I tested the setup using a simple "Hello World" python https server. Everything is woorking good. I can hit the index page using https from anywhere from outside world.Also checked with "openssl s_client -connect" and it confiorms that certificate is using used properly. Now I started the xpra server following instructions here - Encryption/SSL – Xpra
| | | | | | | | | | | Encryption/SSL – Xpra xpra - screen for X | | | | Used following command :- xpra start :17 --start=xclock --bind-tcp=0.0.0.0:3001 --ssl=on --ssl-cert=/path/to/fullchain.pem --ssl-key=/ path/to/privatekey.pem ssl=https Now if I hit the webaddress from webbrowser with https, I get following error on browser ;- SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG "openssl s_client -connect" is showing "connected" but giving an error 140770FC:SSL rountines:SSL23_GET_SERVER_HELLO:unknown_protocol:s23_clnt.c:794: XPRA server logs are showing "invalid packet header, SSL packet?" Any idea what is going on?I am doing iptable routing from 443 to 3001. This works just fine with the above mentioned "Hello World" python https server. It seems to me there is some problem with websockify's webserver is trying to attach certificates to wrong port or network interface. Any advice on how to debug this? Regards, Mukul _______________________________________________ shifter-users mailing list [email protected] http://lists.devloop.org.uk/mailman/listinfo/shifter-users
