Connect to jetconf server with SSL certificate
Hi I am new to jetconf. I am successfully able to connect curl base client to the jetconf server without certificate validation steps. But when i enabling the 'DBG_DISABLE_CERTS' flag, I facing problem("OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:8443") to connect the client to the server.
So, Can you provide me a little guidance for that issue.
REQUEST
curl -v --http2 -k --cert-type PEM -E /home/karan/jay/RESTCONF/jetconf-master/data/example-client.pem -X GET https://10.102.3.205:8443/restconf/data/
CLIENT RESPONSE
Note: Unnecessary use of -X or --request, GET is already inferred.
- Trying 10.102.3.205...
- TCP_NODELAY set
- Connected to 10.102.3.205 (10.102.3.205) port 8443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
- successfully set certificate verify locations:
- CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none
- TLSv1.2 (OUT), TLS header, Certificate Status (22):
- TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Request CERT (13):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Certificate (11):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS handshake, CERT verify (15):
- TLSv1.2 (OUT), TLS change cipher, Client hello (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 10.102.3.205:8443
- stopped the pause stream!
- Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 10.102.3.205:8443
SERVER RESPONSE
2018-01-30 12:03:18,963 INFO Jetconf version 0.3.4 2018-01-30 12:03:18,965 INFO Using config: GLOBAL: BACKEND_PACKAGE: jetconf_jukebox DATA_JSON_FILE: /home/karan/jay/RESTCONF/jukebox-jetconf-master/example-data.json LOGFILE: '-' LOG_DBG_MODULES:
- usr_conf_data_handlers
- knot_api
- nacm
- data LOG_LEVEL: debug PERSISTENT_CHANGES: false PIDFILE: /tmp/jetconf.pid TIMEZONE: Europe/Prague VALIDATE_TRANSACTIONS: true YANG_LIB_DIR: /home/karan//jay/RESTCONF/jukebox-jetconf-master/yang-modules/ HTTP_SERVER: API_ROOT: /restconf API_ROOT_RUNNING: /restconf_running CA_CERT: /home/karan/jay/RESTCONF/jetconf-master/data/ca.pem DBG_DISABLE_CERTS: false DOC_DEFAULT_NAME: index.html DOC_ROOT: /home/karan/jay/RESTCONF/jetconf-master/data/doc-root/ LISTEN_LOCALHOST_ONLY: false PORT: 8443 SERVER_NAME: jetconf-h2 SERVER_SSL_CERT: /home/karan/jay/RESTCONF/jetconf-master/data/server.crt SERVER_SSL_PRIVKEY: /home/karan/jay/RESTCONF/jetconf-master/data/server.key UPLOAD_SIZE_LIMIT: 1 NACM: ALLOWED_USERS:
- lojza@mail.cz ENABLED: true
2018-01-30 12:03:19,093 INFO Backend: init 2018-01-30 12:03:19,094 INFO Server started on ('10.102.3.205', 8443)
Thanks in Advance.