CODEWITHSUNDEEP
sslcurlsalt-project
Walker Rowe
Walker Rowe

Reputation: 973

SSL Error on 8 on SaltStack using Tornado

If I run:

curl -si localhost:8000/login -H "Accept: application/json" -d username='salt' -d password='salt' -d eauth='pam'

It gives this error:

Process Manager starting! Enter PEM pass phrase: [WARNING ] SSL Error on 8 ('127.0.0.1', 50408): [Errno 1] _ssl.c:510: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [ERROR ] Uncaught exception Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/tornado/http1connection.py", line 693, in _server_request_loop ret = yield conn.read_response(request_delegate) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 870, in run value = future.result() File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 215, in result raise_exc_info(self._exc_info) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 876, in run yielded = self.gen.throw(*exc_info) File "/usr/lib/python2.7/dist-packages/tornado/http1connection.py", line 168, in _read_message quiet_exceptions=iostream.StreamClosedError) File "/usr/lib/python2.7/dist-packages/tornado/gen.py", line 870, in run value = future.result() File "/usr/lib/python2.7/dist-packages/tornado/concurrent.py", line 215, in result raise_exc_info(self._exc_info) File "", line 3, in raise_exc_info SSLError: [Errno 1] _ssl.c:510: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request

Here is:

tail /etc/salt/master # socket backlog backlog: 128 ssl_crt: /etc/pki/api/certs/cert.pem # no need to specify ssl_key if cert and key # are in one single file ssl_key: /etc/pki/api/certs/key.pem debug: False disable_ssl: False webhook_disable_auth: False cors_origin: null

And I copied my self-signed certs to the location shown above and added it to the root CA:

sudo cp cert.pem /usr/share/ca-certificates/ sudo dpkg-reconfigure ca-certificates

Upvotes: 0

Views: 337

Answers (1)

Walker Rowe
Walker Rowe

Reputation: 973

It appears you cannot use a virtual environment with the salt-api. I removed Anaconda and upgrade to Python 3 and now it works, yet it gives a warning, but it gives no error:

curl -si localhost:8000/login > -H "Accept: application/json" >
-d username='salt' > -d password='salt' > -d eauth='pam'

Does not throw an error, only a warning:

[DEBUG ] Process Manager starting! [WARNING ] SSL Error on 11 ('127.0.0.1', 46632): [SSL: HTTP_REQUEST] http request (_ssl.c:600)

Upvotes: 0

Related Questions