From: Peter W. M. <pmo...@no...> - 2011-02-22 15:53:46
|
I'm attempting to enable ssl on an embedded yaws server. Can someone share an sconf record that enables ssl for an embedded yaws server? (assuming that is possible) I'm still new to erlang and yaws and struggling with syntax. Thank you, -PWM |
From: Per A. <avt...@gm...> - 2011-02-22 16:19:46
|
Hi! On Tue, Feb 22, 2011 at 4:53 PM, Peter W. Morreale <pmo...@no...> wrote: > I'm attempting to enable ssl on an embedded yaws server. > > Can someone share an sconf record that enables ssl for an embedded yaws > server? (assuming that is possible) This should be no different from an ordinary #sconf{}. I use the following with embedded yaws in production #sconf{listen = {0, 0, 0, 0}, port = 8000, servername = servername_here, docroot = "priv/docroot", appmods = [{"/", handler_app_here}], ssl = #ssl{depth = 0, cacertfile = "priv/ssl/cacert.pem", certfile = "priv/ssl/cert.pem", keyfile = "priv/ssl/key.pem"} } -- Per |
From: Peter W. M. <pmo...@no...> - 2011-02-23 18:47:04
|
On Tue, 2011-02-22 at 17:19 +0100, Per Andersson wrote: > Hi! > > On Tue, Feb 22, 2011 at 4:53 PM, Peter W. Morreale <pmo...@no...> wrote: > > I'm attempting to enable ssl on an embedded yaws server. > > > > Can someone share an sconf record that enables ssl for an embedded yaws > > server? (assuming that is possible) > > This should be no different from an ordinary #sconf{}. I use the following > with embedded yaws in production > > #sconf{listen = {0, 0, 0, 0}, > port = 8000, > servername = servername_here, > docroot = "priv/docroot", > appmods = [{"/", handler_app_here}], > ssl = #ssl{depth = 0, > cacertfile = "priv/ssl/cacert.pem", > certfile = "priv/ssl/cert.pem", > keyfile = "priv/ssl/key.pem"} > } > > > -- > Per Thanks Per. I still seem to have something wrong as I get the following crash upon accessing the website: =CRASH REPORT==== 23-Feb-2011::11:37:04 === crasher: initial call: yaws_server:acceptor0/2 pid: <0.82.0> registered_name: [] exception exit: {noproc, {gen_server,call, [ssl_connection_sup, {start_child, [server,"localhost",8001,#Port<0.1207>, {{ssl_options,[],verify_none, {#Fun<ssl.1.66525248>,[]}, false,false,undefined,0, "priv/ssl/cert.pem",undefined, "priv/ssl/key.pem",undefined, "<omitted>",undefined,[],undefined, undefined, [<<0,57>>, <<0,56>>, <<0,53>>, <<0,22>>, <<0,19>>, <<0,10>>, <<0,51>>, <<0,50>>, <<0,47>>, <<0,5>>, <<0,4>>, <<0,21>>, <<0,9>>], #Fun<ssl.0.5561466>,true, 18446744073709551900,false,[]}, {socket_options,binary,http,0,0,false}}, <0.82.0>, {gen_tcp,tcp,tcp_closed,tcp_error}]}, infinity]}} in function gen_server:call/3 I generated the self-signed cert with: % openssl req -new -x509 -days 3650 -keyout key.pem -out cert.pem -newkey rsa:2048 -subj "/CN=hermosa.morreale.net" and configured my embedded yaws server as: GC = yaws_config:make_default_gconf(false, "example"), SC = #sconf{ port = 8001, servername = "localhost", listen = {0, 0, 0, 0}, docroot = "/tmp", ssl = #ssl{depth=0, certfile = "priv/ssl/cert.pem", keyfile = "priv/ssl/key.pem", password = "<omitted>"}, appmods = [{"/", yaws_security_filterchain}] }, Not familar (yet ;) with reading crash messages, but it appears that I blew out attempting to start the ssl application, is that right? Please note that I am new to Erlang/OTP/yaws so I'm probably missing something simple. Please be gentle. ;-) Does the above look right? THanks for any and all pointers. Best, -PWM |
From: Per A. <avt...@gm...> - 2011-02-24 13:48:56
|
Hi! On Wed, Feb 23, 2011 at 7:46 PM, Peter W. Morreale <pmo...@no...> wrote: > On Tue, 2011-02-22 at 17:19 +0100, Per Andersson wrote: >> Hi! >> >> On Tue, Feb 22, 2011 at 4:53 PM, Peter W. Morreale <pmo...@no...> wrote: >> > I'm attempting to enable ssl on an embedded yaws server. >> > >> > Can someone share an sconf record that enables ssl for an embedded yaws >> > server? (assuming that is possible) >> >> This should be no different from an ordinary #sconf{}. I use the following >> with embedded yaws in production >> >> #sconf{listen = {0, 0, 0, 0}, >> port = 8000, >> servername = servername_here, >> docroot = "priv/docroot", >> appmods = [{"/", handler_app_here}], >> ssl = #ssl{depth = 0, >> cacertfile = "priv/ssl/cacert.pem", >> certfile = "priv/ssl/cert.pem", >> keyfile = "priv/ssl/key.pem"} >> } >> >> >> -- >> Per > > Thanks Per. I still seem to have something wrong as I get the following > crash upon accessing the website: > > > =CRASH REPORT==== 23-Feb-2011::11:37:04 === > crasher: > initial call: yaws_server:acceptor0/2 > pid: <0.82.0> > registered_name: [] > exception exit: {noproc, > {gen_server,call, > [ssl_connection_sup, > {start_child, > [server,"localhost",8001,#Port<0.1207>, > {{ssl_options,[],verify_none, > {#Fun<ssl.1.66525248>,[]}, > false,false,undefined,0, > "priv/ssl/cert.pem",undefined, > "priv/ssl/key.pem",undefined, > > "<omitted>",undefined,[],undefined, > undefined, > [<<0,57>>, > <<0,56>>, > <<0,53>>, > <<0,22>>, > <<0,19>>, > <<0,10>>, > <<0,51>>, > <<0,50>>, > <<0,47>>, > <<0,5>>, > <<0,4>>, > <<0,21>>, > <<0,9>>], > #Fun<ssl.0.5561466>,true, > 18446744073709551900,false,[]}, > > {socket_options,binary,http,0,0,false}}, > <0.82.0>, > {gen_tcp,tcp,tcp_closed,tcp_error}]}, > infinity]}} > in function gen_server:call/3 > > I generated the self-signed cert with: > > % openssl req -new -x509 -days 3650 -keyout key.pem -out cert.pem > -newkey rsa:2048 -subj "/CN=hermosa.morreale.net" > > and configured my embedded yaws server as: > > GC = yaws_config:make_default_gconf(false, "example"), > SC = #sconf{ > port = 8001, > servername = "localhost", > listen = {0, 0, 0, 0}, > docroot = "/tmp", > ssl = #ssl{depth=0, > certfile = "priv/ssl/cert.pem", > keyfile = "priv/ssl/key.pem", > password = "<omitted>"}, > appmods = [{"/", yaws_security_filterchain}] > }, > > Not familar (yet ;) with reading crash messages, but it appears that I > blew out attempting to start the ssl application, is that right? Don't worry, everyone has been a beginner. :-) Does your Erlang have ssl support? Check by running 1> m(ssl). -- Per > Please note that I am new to Erlang/OTP/yaws so I'm probably missing > something simple. Please be gentle. ;-) > > Does the above look right? > > THanks for any and all pointers. > > Best, > -PWM > > > |
From: Peter W. M. <pmo...@no...> - 2011-02-24 14:24:59
|
On Thu, 2011-02-24 at 14:48 +0100, Per Andersson wrote: > Hi! > > On Wed, Feb 23, 2011 at 7:46 PM, Peter W. Morreale <pmo...@no...> wrote: > > On Tue, 2011-02-22 at 17:19 +0100, Per Andersson wrote: > >> Hi! > >> > >> On Tue, Feb 22, 2011 at 4:53 PM, Peter W. Morreale <pmo...@no...> wrote: > >> > I'm attempting to enable ssl on an embedded yaws server. > >> > > >> > Can someone share an sconf record that enables ssl for an embedded yaws > >> > server? (assuming that is possible) > >> > >> This should be no different from an ordinary #sconf{}. I use the following > >> with embedded yaws in production > >> > >> #sconf{listen = {0, 0, 0, 0}, > >> port = 8000, > >> servername = servername_here, > >> docroot = "priv/docroot", > >> appmods = [{"/", handler_app_here}], > >> ssl = #ssl{depth = 0, > >> cacertfile = "priv/ssl/cacert.pem", > >> certfile = "priv/ssl/cert.pem", > >> keyfile = "priv/ssl/key.pem"} > >> } > >> > >> > >> -- > >> Per > > > > Thanks Per. I still seem to have something wrong as I get the following > > crash upon accessing the website: > > > > > > =CRASH REPORT==== 23-Feb-2011::11:37:04 === > > crasher: > > initial call: yaws_server:acceptor0/2 > > pid: <0.82.0> > > registered_name: [] > > exception exit: {noproc, > > {gen_server,call, > > [ssl_connection_sup, > > {start_child, > > [server,"localhost",8001,#Port<0.1207>, > > {{ssl_options,[],verify_none, > > {#Fun<ssl.1.66525248>,[]}, > > false,false,undefined,0, > > "priv/ssl/cert.pem",undefined, > > "priv/ssl/key.pem",undefined, > > > > "<omitted>",undefined,[],undefined, > > undefined, > > [<<0,57>>, > > <<0,56>>, > > <<0,53>>, > > <<0,22>>, > > <<0,19>>, > > <<0,10>>, > > <<0,51>>, > > <<0,50>>, > > <<0,47>>, > > <<0,5>>, > > <<0,4>>, > > <<0,21>>, > > <<0,9>>], > > #Fun<ssl.0.5561466>,true, > > 18446744073709551900,false,[]}, > > > > {socket_options,binary,http,0,0,false}}, > > <0.82.0>, > > {gen_tcp,tcp,tcp_closed,tcp_error}]}, > > infinity]}} > > in function gen_server:call/3 > > > > I generated the self-signed cert with: > > > > % openssl req -new -x509 -days 3650 -keyout key.pem -out cert.pem > > -newkey rsa:2048 -subj "/CN=hermosa.morreale.net" > > > > and configured my embedded yaws server as: > > > > GC = yaws_config:make_default_gconf(false, "example"), > > SC = #sconf{ > > port = 8001, > > servername = "localhost", > > listen = {0, 0, 0, 0}, > > docroot = "/tmp", > > ssl = #ssl{depth=0, > > certfile = "priv/ssl/cert.pem", > > keyfile = "priv/ssl/key.pem", > > password = "<omitted>"}, > > appmods = [{"/", yaws_security_filterchain}] > > }, > > > > Not familar (yet ;) with reading crash messages, but it appears that I > > blew out attempting to start the ssl application, is that right? > > Don't worry, everyone has been a beginner. :-) > > Does your Erlang have ssl support? Check by running > > 1> m(ssl). > Yep: 1> m(ssl). Module ssl compiled: Date: September 13 2010, Time: 17.12 .<expected exports omitted>... Hummm I created the certs using a FQDN, however I configure yaws for "localhost", I wonder if that is an issue? I'll see. Thx, -PWM > > -- > Per > > > Please note that I am new to Erlang/OTP/yaws so I'm probably missing > > something simple. Please be gentle. ;-) > > > > Does the above look right? > > > > THanks for any and all pointers. > > > > Best, > > -PWM > > > > > > |
From: Peter W. M. <pmo...@no...> - 2011-02-24 15:14:03
|
Do I need to add SSL to my supervisor tree? (Changing the 'serverhost' and specifying absolute paths to the certs had no effect) Thanks, -PWM On Thu, 2011-02-24 at 07:24 -0700, Peter W. Morreale wrote: > On Thu, 2011-02-24 at 14:48 +0100, Per Andersson wrote: > > Hi! > > > > On Wed, Feb 23, 2011 at 7:46 PM, Peter W. Morreale <pmo...@no...> wrote: > > > On Tue, 2011-02-22 at 17:19 +0100, Per Andersson wrote: > > >> Hi! > > >> > > >> On Tue, Feb 22, 2011 at 4:53 PM, Peter W. Morreale <pmo...@no...> wrote: > > >> > I'm attempting to enable ssl on an embedded yaws server. > > >> > > > >> > Can someone share an sconf record that enables ssl for an embedded yaws > > >> > server? (assuming that is possible) > > >> > > >> This should be no different from an ordinary #sconf{}. I use the following > > >> with embedded yaws in production > > >> > > >> #sconf{listen = {0, 0, 0, 0}, > > >> port = 8000, > > >> servername = servername_here, > > >> docroot = "priv/docroot", > > >> appmods = [{"/", handler_app_here}], > > >> ssl = #ssl{depth = 0, > > >> cacertfile = "priv/ssl/cacert.pem", > > >> certfile = "priv/ssl/cert.pem", > > >> keyfile = "priv/ssl/key.pem"} > > >> } > > >> > > >> > > >> -- > > >> Per > > > > > > Thanks Per. I still seem to have something wrong as I get the following > > > crash upon accessing the website: > > > > > > > > > =CRASH REPORT==== 23-Feb-2011::11:37:04 === > > > crasher: > > > initial call: yaws_server:acceptor0/2 > > > pid: <0.82.0> > > > registered_name: [] > > > exception exit: {noproc, > > > {gen_server,call, > > > [ssl_connection_sup, > > > {start_child, > > > [server,"localhost",8001,#Port<0.1207>, > > > {{ssl_options,[],verify_none, > > > {#Fun<ssl.1.66525248>,[]}, > > > false,false,undefined,0, > > > "priv/ssl/cert.pem",undefined, > > > "priv/ssl/key.pem",undefined, > > > > > > "<omitted>",undefined,[],undefined, > > > undefined, > > > [<<0,57>>, > > > <<0,56>>, > > > <<0,53>>, > > > <<0,22>>, > > > <<0,19>>, > > > <<0,10>>, > > > <<0,51>>, > > > <<0,50>>, > > > <<0,47>>, > > > <<0,5>>, > > > <<0,4>>, > > > <<0,21>>, > > > <<0,9>>], > > > #Fun<ssl.0.5561466>,true, > > > 18446744073709551900,false,[]}, > > > > > > {socket_options,binary,http,0,0,false}}, > > > <0.82.0>, > > > {gen_tcp,tcp,tcp_closed,tcp_error}]}, > > > infinity]}} > > > in function gen_server:call/3 > > > > > > I generated the self-signed cert with: > > > > > > % openssl req -new -x509 -days 3650 -keyout key.pem -out cert.pem > > > -newkey rsa:2048 -subj "/CN=hermosa.morreale.net" > > > > > > and configured my embedded yaws server as: > > > > > > GC = yaws_config:make_default_gconf(false, "example"), > > > SC = #sconf{ > > > port = 8001, > > > servername = "localhost", > > > listen = {0, 0, 0, 0}, > > > docroot = "/tmp", > > > ssl = #ssl{depth=0, > > > certfile = "priv/ssl/cert.pem", > > > keyfile = "priv/ssl/key.pem", > > > password = "<omitted>"}, > > > appmods = [{"/", yaws_security_filterchain}] > > > }, > > > > > > Not familar (yet ;) with reading crash messages, but it appears that I > > > blew out attempting to start the ssl application, is that right? > > > > Don't worry, everyone has been a beginner. :-) > > > > Does your Erlang have ssl support? Check by running > > > > 1> m(ssl). > > > > Yep: > > 1> m(ssl). > Module ssl compiled: Date: September 13 2010, Time: 17.12 > .<expected exports omitted>... > > Hummm I created the certs using a FQDN, however I configure yaws for > "localhost", I wonder if that is an issue? I'll see. > > > Thx, > -PWM > > > > > > -- > > Per > > > > > Please note that I am new to Erlang/OTP/yaws so I'm probably missing > > > something simple. Please be gentle. ;-) > > > > > > Does the above look right? > > > > > > THanks for any and all pointers. > > > > > > Best, > > > -PWM > > > > > > > > > > > > > ------------------------------------------------------------------------------ > Free Software Download: Index, Search & Analyze Logs and other IT data in > Real-Time with Splunk. Collect, index and harness all the fast moving IT data > generated by your applications, servers and devices whether physical, virtual > or in the cloud. Deliver compliance at lower cost and gain new business > insights. http://p.sf.net/sfu/splunk-dev2dev > _______________________________________________ > Erlyaws-list mailing list > Erl...@li... > https://lists.sourceforge.net/lists/listinfo/erlyaws-list |
From: Peter W. M. <pmo...@no...> - 2011-02-25 00:06:49
|
Got it. Turns out I need to enable some things in the maven configuration I am using for build/release as well as create a properly self-signed certificate. Thank you for your help. Best, -PWM On Thu, 2011-02-24 at 08:13 -0700, Peter W. Morreale wrote: > Do I need to add SSL to my supervisor tree? > > (Changing the 'serverhost' and specifying absolute paths to the certs > had no effect) > > Thanks, > -PWM > > On Thu, 2011-02-24 at 07:24 -0700, Peter W. Morreale wrote: > > On Thu, 2011-02-24 at 14:48 +0100, Per Andersson wrote: > > > Hi! > > > > > > On Wed, Feb 23, 2011 at 7:46 PM, Peter W. Morreale <pmo...@no...> wrote: > > > > On Tue, 2011-02-22 at 17:19 +0100, Per Andersson wrote: > > > >> Hi! > > > >> > > > >> On Tue, Feb 22, 2011 at 4:53 PM, Peter W. Morreale <pmo...@no...> wrote: > > > >> > I'm attempting to enable ssl on an embedded yaws server. > > > >> > > > > >> > Can someone share an sconf record that enables ssl for an embedded yaws > > > >> > server? (assuming that is possible) > > > >> > > > >> This should be no different from an ordinary #sconf{}. I use the following > > > >> with embedded yaws in production > > > >> > > > >> #sconf{listen = {0, 0, 0, 0}, > > > >> port = 8000, > > > >> servername = servername_here, > > > >> docroot = "priv/docroot", > > > >> appmods = [{"/", handler_app_here}], > > > >> ssl = #ssl{depth = 0, > > > >> cacertfile = "priv/ssl/cacert.pem", > > > >> certfile = "priv/ssl/cert.pem", > > > >> keyfile = "priv/ssl/key.pem"} > > > >> } > > > >> > > > >> > > > >> -- > > > >> Per > > > > > > > > Thanks Per. I still seem to have something wrong as I get the following > > > > crash upon accessing the website: > > > > > > > > > > > > =CRASH REPORT==== 23-Feb-2011::11:37:04 === > > > > crasher: > > > > initial call: yaws_server:acceptor0/2 > > > > pid: <0.82.0> > > > > registered_name: [] > > > > exception exit: {noproc, > > > > {gen_server,call, > > > > [ssl_connection_sup, > > > > {start_child, > > > > [server,"localhost",8001,#Port<0.1207>, > > > > {{ssl_options,[],verify_none, > > > > {#Fun<ssl.1.66525248>,[]}, > > > > false,false,undefined,0, > > > > "priv/ssl/cert.pem",undefined, > > > > "priv/ssl/key.pem",undefined, > > > > > > > > "<omitted>",undefined,[],undefined, > > > > undefined, > > > > [<<0,57>>, > > > > <<0,56>>, > > > > <<0,53>>, > > > > <<0,22>>, > > > > <<0,19>>, > > > > <<0,10>>, > > > > <<0,51>>, > > > > <<0,50>>, > > > > <<0,47>>, > > > > <<0,5>>, > > > > <<0,4>>, > > > > <<0,21>>, > > > > <<0,9>>], > > > > #Fun<ssl.0.5561466>,true, > > > > 18446744073709551900,false,[]}, > > > > > > > > {socket_options,binary,http,0,0,false}}, > > > > <0.82.0>, > > > > {gen_tcp,tcp,tcp_closed,tcp_error}]}, > > > > infinity]}} > > > > in function gen_server:call/3 > > > > > > > > I generated the self-signed cert with: > > > > > > > > % openssl req -new -x509 -days 3650 -keyout key.pem -out cert.pem > > > > -newkey rsa:2048 -subj "/CN=hermosa.morreale.net" > > > > > > > > and configured my embedded yaws server as: > > > > > > > > GC = yaws_config:make_default_gconf(false, "example"), > > > > SC = #sconf{ > > > > port = 8001, > > > > servername = "localhost", > > > > listen = {0, 0, 0, 0}, > > > > docroot = "/tmp", > > > > ssl = #ssl{depth=0, > > > > certfile = "priv/ssl/cert.pem", > > > > keyfile = "priv/ssl/key.pem", > > > > password = "<omitted>"}, > > > > appmods = [{"/", yaws_security_filterchain}] > > > > }, > > > > > > > > Not familar (yet ;) with reading crash messages, but it appears that I > > > > blew out attempting to start the ssl application, is that right? > > > > > > Don't worry, everyone has been a beginner. :-) > > > > > > Does your Erlang have ssl support? Check by running > > > > > > 1> m(ssl). > > > > > > > Yep: > > > > 1> m(ssl). > > Module ssl compiled: Date: September 13 2010, Time: 17.12 > > .<expected exports omitted>... > > > > Hummm I created the certs using a FQDN, however I configure yaws for > > "localhost", I wonder if that is an issue? I'll see. > > > > > > Thx, > > -PWM > > > > > > > > > > -- > > > Per > > > > > > > Please note that I am new to Erlang/OTP/yaws so I'm probably missing > > > > something simple. Please be gentle. ;-) > > > > > > > > Does the above look right? > > > > > > > > THanks for any and all pointers. > > > > > > > > Best, > > > > -PWM > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ > > Free Software Download: Index, Search & Analyze Logs and other IT data in > > Real-Time with Splunk. Collect, index and harness all the fast moving IT data > > generated by your applications, servers and devices whether physical, virtual > > or in the cloud. Deliver compliance at lower cost and gain new business > > insights. http://p.sf.net/sfu/splunk-dev2dev > > _______________________________________________ > > Erlyaws-list mailing list > > Erl...@li... > > https://lists.sourceforge.net/lists/listinfo/erlyaws-list > > > > ------------------------------------------------------------------------------ > Free Software Download: Index, Search & Analyze Logs and other IT data in > Real-Time with Splunk. Collect, index and harness all the fast moving IT data > generated by your applications, servers and devices whether physical, virtual > or in the cloud. Deliver compliance at lower cost and gain new business > insights. http://p.sf.net/sfu/splunk-dev2dev > _______________________________________________ > Erlyaws-list mailing list > Erl...@li... > https://lists.sourceforge.net/lists/listinfo/erlyaws-list |