I run the command to generate certificates: *web2py.py --ssl_certificate=D:\certificates\server.crt --ssl_private_key=D:\certificates\server_key.key --ca-cert=D:\certificates\server.crt*
And when I run this, It gives warning message on command prompt: *WARNING:web2py:unable to open SSL certificate. SSL is OFF* and on browser it display following error message: *SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long)* So no idea, how to resolve this? Thanks, Amit On Mon, Nov 5, 2012 at 4:10 PM, Niphlod <niph...@gmail.com> wrote: > the usual > > openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mysitename.key > -out mysitename.crt > > works ok. > > Il giorno lunedì 5 novembre 2012 03:48:43 UTC+1, Amit ha scritto: >> >> Thanks Niphold for replying. How can I create server cetificate, CA >> certificate and client certificate without password? I am using simpatica >> application to create all these certificates on windows XP machine and this >> application doesn't allow to create certificates without password so if you >> know any other way to create these certificates without password on windows >> then please do share me. >> >> waiting for your response. >> >> Thanks, >> Amit >> >> On Fri, Nov 2, 2012 at 6:23 PM, Niphlod <nip...@gmail.com> wrote: >> >>> certs are supposed to be generated without passwords. Even in apache, >>> etc, if you protect them with a password it will be asked every time the >>> process is started, and web2py (rocket) doesn't support that. >>> >>> >>> On Friday, November 2, 2012 6:21:00 AM UTC+1, Amit wrote: >>>> >>>> Hi , >>>> >>>> I generated CA certificates, private key, server certificate and client >>>> certificate using “Simpatica” application developed in web2py. >>>> >>>> But when I tried to deploy the certificates to rocket server using >>>> below command on windows XP machine: >>>> >>>> >>>> >>>> D:\web2py2.1.1\web2py>web2py.**p**y --ssl_certificate=D:\**certifica** >>>> tes\server\cert.pe >>>> >>>> m --ssl_private_key=D:\**certifica**tes\private_key\**cacert.key >>>> --ca-cert=D:\certific >>>> >>>> ates\CA_certificate\cacrt.pem >>>> >>>> >>>> >>>> It starts web2py server dialog asking about password and after giving >>>> password, it displays below information on the command prompt: >>>> >>>> >>>> >>>> No handlers could be found for logger "web2py" >>>> >>>> web2py Web Framework >>>> >>>> Created by Massimo Di Pierro, Copyright 2007-2012 >>>> >>>> Version 2.1.1 (2012-10-15 12:44:40) stable >>>> >>>> Database drivers available: SQLite(sqlite3), MySQL(pymysql), >>>> PostgreSQL(pg8000), >>>> >>>> IMAP(imaplib) >>>> >>>> please visit: >>>> >>>> https://127.0.0.1:8000 >>>> >>>> starting browser... >>>> >>>> Enter PEM pass phrase: >>>> >>>> Enter PEM pass phrase: >>>> >>>> Enter PEM pass phrase: >>>> >>>> >>>> >>>> As per the sequence of certificates on command line, I gave password >>>> for e.g. for cert.pem(server certificate file) , I have given Server@123, >>>> and for cacert.key(CA private key) and cacert.pem(CA certificate) , I have >>>> given test123. >>>> >>>> NOTE: These passwords are used while generating the respective >>>> certificates means for generating cert.pem , I used Server@123 and so >>>> on. >>>> >>>> So on above scenario , I have given password Server@123,test123 and >>>> test123 on command prompt but it is giving following error on browser: >>>> >>>> >>>> >>>> *Secure Connection Failed >>>> >>>> An error occurred during a connection to 127.0.0.1:8000. >>>> >>>> Cannot communicate securely with peer: no common encryption >>>> algorithm(s). >>>> >>>> (Error code: ssl_error_no_cypher_overlap) >>>> >>>> The page you are trying to view cannot be shown because the >>>> authenticity of the received data could not be verified. >>>> Please contact the website owners to inform them of this problem. >>>> Alternatively, use the command found in the help menu to report this broken >>>> site.* >>>> >>>> >>>> >>>> >>>> >>>> Could anyone please help me out to resolve this issue? >>>> >>>> >>>> >>>> Regards, >>>> >>>> Amit >>>> >>> -- >>> >>> >>> >>> >> >> -- > > > > --