> On 23 Jun 2017, at 23:39, horrido <
[hidden email]> wrote:
>
> I get an "SSL Exception: accept failed [code:-5]" error. Is it because I have
> a self-signed cert?
>
> Apparently, it's failing on:
>
> result := self sslSession accept: in from: 1 to: count into: out.
Platform ? Pharo version ?
It also depends on how you made the certificate. Note that not all browsers like self-signed certificates.
It should work on Linux. This is how I once did it (making the certificate), in 2013-2014 (I know that others have managed to do this too):
====
sven@netbook:~/ssl$ openssl genrsa -out privkey.pem 1024
Generating RSA private key, 1024 bit long modulus
..........................................................++++++
.++++++
e is 65537 (0x10001)
sven@netbook:~/ssl$ openssl req -new -key privkey.pem -out certreq.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:BE
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:Hasselt
Organization Name (eg, company) [Internet Widgits Pty Ltd]:STfx.eu
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:Sven Van Caekenberghe
Email Address []:
[hidden email]Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
sven@netbook:~/ssl$ ls
certreq.csr privkey.pem
sven@netbook:~/ssl$ openssl x509 -req -days 3650 -in certreq.csr -signkey privkey.pem -out newcert.pem
Signature ok
subject=/C=BE/ST=Some-State/L=Hasselt/O=STfx.eu/CN=Sven Van Caekenberghe/emailAddress=
[hidden email]Getting Private key
sven@netbook:~/ssl$ ( openssl x509 -in newcert.pem; cat privkey.pem ) > server.pem
(ZnSecureServer on: 1443)
certificate: '/home/sven/ssl/server.pem';
logToTranscript;
start;
yourself.
====
> Sven Van Caekenberghe-2 wrote
>> Hi,
>>
>>> On 23 Jun 2017, at 20:41, horrido <
>
>> horrido.hobbies@
>
>> > wrote:
>>>
>>> Okay, so I have my nice little Teapot app, but I'd like to run it as
>>> HTTPS.
>>> As far as I can understand, to do this I must go through Zinc. However,
>>> the
>>> docs on the web seem rather out of date. For example, I do not have
>>> ZnZincServerAdapter (in Pharo 5.0).
>>
>> ZnZincServerAdapter is specific for Seaside.
>>
>>> In the simplest terms, how do I support HTTPS? (I've created my
>>> self-signed cert.)
>>
>> (ZnSecureServer on: 1443)
>> certificate: '/home/sven/ssl/key-cert.pem';
>> logToTranscript;
>> start;
>> yourself.
>>
>> I don't know how Teapot is implemented, but it uses Zinc, so somehow it
>> will work. You should figure where/how it creates/starts its ZnServer.
>>
>> Note that this might not run on every platform (it depends on the SSL
>> plugin, I know Linux used to work).
>>
>> Sven
>>
>>> Thanks.
>>>
>>>
>>>
>>> --
>>> View this message in context:
>>>
http://forum.world.st/How-to-use-HTTPS-SSL-with-Zinc-tp4952461.html>>> Sent from the Pharo Smalltalk Users mailing list archive at Nabble.com.
>>>
>
>
>
>
>
> --
> View this message in context:
http://forum.world.st/How-to-use-HTTPS-SSL-with-Zinc-tp4952461p4952476.html> Sent from the Pharo Smalltalk Users mailing list archive at Nabble.com.
Locked
Jun 23, 2017; 6:41pm
