SSL Error with self-signed certificate in dev when using Chrome 70

Question

SSL Error with self-signed certificate in dev when using Chrome 70

eric-norcross opened this issue 6 years ago · comments

I'm using:

ruby 2.5.3
rails 5.1.6
puma 3.12.0
macOS 10.14.1
Chrome Version 70.0.3538.77 (Official Build) (64-bit)
I've created a self-signed certificate following the Heroku instructions here
I have the following in my hosts file:

    127.0.0.1	localhost
    255.255.255.255	broadcasthost
    ::1             localhost
    127.0.0.1 localhost.ssl

Added the self-signed certificate to my system keychain and always trusted it
In my puma config file, i'm starting puma with: ssl_bind '127.0.0.1', '8080', { key: 'localhost_ssl/server.key', cert: 'localhost_ssl/server.crt', verify_mode: 'none' }

When attempting to connect on Chrome 70, Chrome shows the following error

When accessing https://localhost:8080 on FireFox 63.0 (64-bit) I'm prompted to add a one-time security exception in order connect. Safari Version 12.0.1 has no issue connecting.

And puma logs the following: SSL error, peer: 127.0.0.1, peer cert: , #<Puma::MiniSSL::SSLError: OpenSSL error: error:141F7065:SSL routines:final_key_share:no suitable key share - 337604709>

Any advice would be appreciated.

Martin Galovič commented 5 years ago

+1

Eric Norcross · Answer 1 · Fri Nov 02 2018 00:27:26 GMT+0800 (China Standard Time)

Sorry, I meant this to be posted in the main puma branch

Dachi Natsvlishvili · Answer 2 · Sun Nov 11 2018 03:43:29 GMT+0800 (China Standard Time)

So, is there a solution?

Eric Norcross · Answer 3 · Thu Jan 31 2019 03:06:16 GMT+0800 (China Standard Time)

@dachinat @martingalovic - puma/puma#1670

Alan Norton · Answer 4 · Thu Mar 05 2020 04:07:27 GMT+0800 (China Standard Time)

Closing as this appears to be related to puma, not puma-dev.