HTTPS with HTTP11Connection
deshmukhrajvardhan opened this issue · comments
Hi All,
What configurations (especially tls versions) do we need to use secure option on HTTP11Connection.
I keep getting error (check the last paragraph)
Client:
ssl_context = hyper.tls.init_context()
ssl_context.load_cert_chain(certfile='/mnt/QUIClientServer0/cert.crt', keyfile='/mnt/QUIClientServer0/cert.key')
ssl_context.load_verify_locations(cafile='/mnt/QUIClientServer0/cert.pem')
connection = hyper.HTTP11Connection('10.10.4.2', ssl_context= ssl_context, secure= True, port=9000)
http11_conn = connection.request('GET',parse_url.path)
f_conn=connection.get_response()
Server:
Caddy server
https://10.10.4.2:9000, https://www.yo.org, http://127.0.0.1, https://10.10.4.2:443
tls cert.crt cert.key {
protocols tls1.0
}
ERROR:
File "/mnt/QUIClientServer0/download_test_https1.py", line 28, in get_file
http11_conn = connection.request('GET',parse_url.path)
File "/usr/local/lib/python3.4/dist-packages/hyper/http11/connection.py", line 251, in request
self.connect() File "/mnt/QUIClientServer0/download_test_https1.py", line 28, in get_file
http11_conn = connection.request('GET',parse_url.path)
File "/usr/local/lib/python3.4/dist-packages/hyper/http11/connection.py", line 251, in request
self.connect()
File "/usr/local/lib/python3.4/dist-packages/hyper/http11/connection.py", line 198, in connect
sock, proto = wrap_socket(sock, self.host, self.ssl_context)
File "/usr/local/lib/python3.4/dist-packages/hyper/tls.py", line 46, in wrap_socket
ssl_sock = _ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.4/ssl.py", line 365, in wrap_socket
_context=self)
File "/usr/lib/python3.4/ssl.py", line 601, in __init__
self.do_handshake()
File "/usr/lib/python3.4/ssl.py", line 828, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:600)
File "/usr/local/lib/python3.4/dist-packages/hyper/http11/connection.py", line 198, in connect
sock, proto = wrap_socket(sock, self.host, self.ssl_context)
File "/usr/local/lib/python3.4/dist-packages/hyper/tls.py", line 46, in wrap_socket
ssl_sock = _ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.4/ssl.py", line 365, in wrap_socket
_context=self)
File "/usr/lib/python3.4/ssl.py", line 601, in __init__
self.do_handshake()
File "/usr/lib/python3.4/ssl.py", line 828, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:600)
Hi All,
I figured out that the error was that alpn on Caddy server is h2 by default, changed it to http/1.1 and it works perfectly.
Thanks