9front - general discussion about 9front
 help / color / mirror / Atom feed
* [9front] https exec header invalid
@ 2022-04-23 23:08 william
  2022-04-24  1:37 ` ori
  0 siblings, 1 reply; 4+ messages in thread
From: william @ 2022-04-23 23:08 UTC (permalink / raw)
  To: 9front

Struggle with https. Never got around to figuring this out.  But in theory

Create key with rsagen, convert to x509 and pemencode it. Cat it to factotum on boot using
cpustart. Make sure both services are created. One for port 80 and the other for 443.

Why am I getting: exec header invalid. not much more in the logs and nothing in /sys/log/http

I will rebuild the key and pem for security but I think I'm missing something. Here is my configuration 
steps. 

	ramfs -p
	cd /tmp
	auth/rsagen -t 'service=tls role=client owner=*' > think.key
	chmod 600 think.key
	cp think.key /sys/lib/tls/think.key

	auth/rsa2x509 'C=US CN=thinktankworkspaces.com' /sys/lib/tls/think.key | \
		auth/pemencode CERTIFICATE > /sys/lib/tls/think.pem

	cat /cfg/$sysname/cpustart
	cat /sys/lib/tls/think.key >> /mnt/factotum/ctl

	cat /bin/service.auth/tcp443
 	#!/bin/rc
 	exec tlssrv -D -c /sys/lib/tls/think.pem -l /sys/log/https /bin/service/tcp80 $*

	cat tcp80
	#!/bin/rc
	exec /rc/bin/rc-httpd/rc-httpd >>[2]/sys/log/www


tail /sys/log/listen
maat Apr 23 15:44:01 tcp: /cfg/maat/service.www/tcp443: exec header invalid

tail/sys/log/www
45.79.94.76/ -  - GET - md_handler sites/45.79.94.76/index.md - lib/default_master.tpl
Sat Apr 23 15:49:47 PDT 2022 :: 45.79.94.76 :: GET / HTTP/1.1 :: :: 200 ::

I feel like the cert is wrong and will rebuild it after this email. 

cat think.pem
-----BEGIN CERTIFICATE-----
MIIC1zCCAb+gAwIBAgIBADANBgkqhkiG9w0BAQsFADAvMQswCQYDVQQGEwJVUzEg
MB4GA1UEAxMXdGhpbmt0YW5rd29ya3NwYWNlcy5jb20wHhcNMjIwNDIzMjIwMjU4
WhcNMjUwNDI1MjIwMjU4WjAvMQswCQYDVQQGEwJVUzEgMB4GA1UEAxMXdGhpbmt0
YW5rd29ya3NwYWNlcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzGShZv2cAxpRsJEqGOhSWom7zUdWe3zJU4FSY2V1UWlr/Aw0fjkh1kDiNFuUX
arZ1ekMMBZQXQte+YnPZ/AdZy+4ovwEqG5R7k/AzFgonhPQrFFjySjmzGpeKc4We
dwiCgW28zDOCg2dr4CC9C2b6HonJH4/dyFF2Jx54sRC9NxuHtJYl/64BzYxxKkOQ
7czrnkoZ3BQCIzDcQFXn58NKCZSj9jI4ps8tChrLoJiGD7bjBqmvdoppfvrZOmTk
WBiLTdyj3q7C6rqWbYCX+v6VHWN+Rsh0q1B28umEYluUtK2AcxitC6pzkxmR/wsz
JWZ0GQr3DH2bZ6zfdZVWD3R1AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHIMtrrV
toCAqHRpYnDp5bgZlMk7EClX8H7LK1naFOBbEjfceuBqBanxqe0NwNGTqqPI/EWb
efFW12r6GWyztTiEdideoGTh+KwN8rKWqfrLi68xtfPuAFQIBdjrjP4ZyKVFs31z
hN9e9Nf8bdXzSMomKtgCO6qZmymw4YtZUz0oqJCxmu98o3nPVinLVolhyJoFiB2w
FOhxTVSpfqctXMIhNijPaFoPzRcaFnJ1YGX9ZOKbk14Gv6vyC0s9wkqDJg0S4V+L
0ORt2cvOhIyw41Ppimld+gNUVU3MpQNtzijYcYj+1PvUZn922Hn9cpwUwx/WdRbF
NM8NXDafMS2uHP4=
-----END CERTIFICATE-----

cat think.key
key proto=rsa service=tls role=client owner=* size=2048 ek=10001 !dk=C3BEB72A05200894DE0071FC7C369A4B6D020FF50E20FE3205FC18C2770C5A96E2FCC25537DA96E7EB384E0B686EC1A3A7D6C9D40D4DE0A917159B2B1414874ABC15CA437AC99029B0943FEEB2C97C66E7412502361EA4755E6D35B3AD9D1AD60457F9A7F3796A972A98C7813517D0548870843D60D7C1AC2E8A7353D5A7D7E27B6D568856D802279B5E5D4A1F52018E4C54E3A5F0EFADB59125C2092889ABAF9FB540EF88C36B10D78D5245B67AB3BD60ADC3B2302494ABCC98F5B871FED3452DD0A74DA14B76BF654290D84C606B319BF54A8C2F593D0CD451C4AA79BEF502D4B7B1A35023E455200CA1ECE8CCE96A72EBB6EFEB4309F408668710B2669865 n=F3192859BF6700C6946C244A863A1496A26EF351D59EDF3254E05498D95D545A5AFF030D1F8E487590388D16E5176AB6757A430C05941742D7BE6273D9FC0759CBEE28BF012A1B947B93F033160A2784F42B1458F24A39B31A978A73859E770882816DBCCC338283676BE020BD0B66FA1E89C91F8FDDC85176271E78B110BD371B87B49625FFAE01CD8C712A4390EDCCEB9E4A19DC14022330DC4055E7E7C34A0994A3F63238A6CF2D0A1ACBA098860FB6E306A9AF768A697EFAD93A64E458188B4DDCA3DEAEC2EABA966D8097FAFE951D637E46C874AB5076F2E984625B94B4AD807318AD0BAA73931991FF0B33256674190AF70C7D9B67ACDF7595560F7475 !p=853EE71EF67CC6350C6CB747B05EAC6E5FACC777FE8B2C51E91CD17990B668C6CC5FE886225827F5BD23E154EB68C8CFFCC21B9F1001301B5C92DEFB94E98C1FB2CAD1B3AA585E543B2BF3CE275B4C50FA2940DABFF6F145FA4DE6844E888327BBE53E437B430275EC96AFCDAB0DA44A4A217C09484DAD688F38DC75AA350383 !q=1D30E3C206F7DD10DFD77AF17FF6B8399C02906E5147EBA2673DCD0C95241514EFFFFE7A6F30ABC3C0B1DAB4A78A95A05EC706D38E9D027120484F7690B058E29DDBF412EB6A4CC079533DECE2B041B86B94764CF9F776ECF1B667FF83633D5EA99F40281C67240069817086E8E03D61875FBD674B5B62B6D22216994D4430EA7 !kp=5F269C45301FCA2AF7C46ADD76C524BD6CF5253C3B39875CB6EB2D6B723BD076A65B96E0B285E1834A9DE4BB8FA03446D2688AF0FBACDD7DAC8DF54E12F8F4676E76076A15AB2531614FF1BAB5C02CAF66F52EAB078A80A1482D78FFE254F9D3D609CE7CC1F90838CDCA8DA081162CCC2043E91F77D28092BA3410BAB5E145B !kq=84E1E9ED788B1D6D938DF7BD26289ABAA5D78664AADE1B6C514EA400836C9E0B91FE671432D5FD14403D62BCBF73BF6F2C0418AF36A6C856F1FE3ABE222AA475F8E72F4E711C96081A4535C106B0167CD03E25CA849E606280733B398D8255FC776CDB41BD0A487917D085CF9E8C2CDFACC1C8145096D1E82CEBC0B45D67EEC5 !c2=18A7AD290DD6A4B2C50C1F5191C8F14D4DEFB3109B9F8F01FA629AC8E75B54008440CE322080F3E6DDC55EA8CEB94DCBD5481DCB98D15237C532F3BB475D69EBBEB9BBCA27D12E9F58B1600B6ADD2A46E97B02877564D8826130547366BAF53E113EDA5C197448931CD1138022DE0BC6075294886C6276F3D0E32A94E68060E30

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-04-26 23:01 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-23 23:08 [9front] https exec header invalid william
2022-04-24  1:37 ` ori
2022-04-24 21:08   ` william
2022-04-26 23:00     ` ori

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).