SSL connection to Thin through vagrant

StackOverflow https://stackoverflow.com/questions/19411105

  •  01-07-2022
  •  | 
  •  

Question

I'm running a Rails app that forces SSL and uses HTTP basic authentication inside of a vagrant VM. If I try to make a curl request to the app from my host machine I get

curl -k --verbose https://[user]:[password]@localhost:3001/
* About to connect() to localhost port 3001 (#0)
*   Trying ::1...
* Connection refused
*   Trying fe80::1...
* Connection refused
*   Trying 127.0.0.1...
* connected
* Connected to localhost (127.0.0.1) port 3001 (#0)
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to localhost:3001 
* Closing connection #0
curl: (35) Unknown SSL protocol error in connection to localhost:3001

If I make the same curl request from inside the VM it works

curl -k --verbose https://[user]:[password]@localhost:3001/
* About to connect() to localhost port 3001 (#0)
*  Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 3001 (#0)
* successfully set certificate verify locations:
*  CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
* subject: C=AU; ST=Some-State; O=Internet Widgits Pty Ltd
* start date: 2013-10-15 19:38:54 GMT
* expire date: 2023-10-13 19:38:54 GMT
* issuer: C=AU; ST=Some-State; O=Internet Widgits Pty Ltd
* SSL certificate verify result: self signed certificate (18), continuing anyway.
* Server auth using Basic with user 'admin'
> GET / HTTP/1.1
> Authorization: Basic [stuff]
> User-Agent: curl/7.29.0
> Host: localhost:3001
> Accept: */*
> 
< HTTP/1.1 200 OK
< Strict-Transport-Security: max-age=31536000
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< X-UA-Compatible: chrome=1
< Content-Type: application/json; charset=utf-8
< ETag: "80961ae530b068989bbd4463b2fb6308"
< Cache-Control: max-age=0, private, must-revalidate
< Set-Cookie: request_method=GET; path=/; secure
< X-Request-Id: 9d0426ec-eca2-469a-9e36-14c79d69596a
< X-Runtime: 0.894703
< Connection: close
< Server: thin 1.5.1 codename Straight Razor
< 
* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
[page]

I'm starting thin in the VM using a self signed certificate I created and added to my mac keychain 

bundle exec thin start --ssl --ssl-key-file /etc/ssl/server.key --ssl-cert-file /etc/ssl/server.crt -p 3001

I see that the problem is "Unkown SSL protocol error" but nothing I've found online has been helpful. From the output you can see that they're both using SSLv3. The key isn't expired. I've got nothing, help.

Was it helpful?

Solution

The port forwarding was set up incorrectly in the Vagrantfile. I was connecting to postgresql instead of Thin hence a connection but SSL error. Copy paste error.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top