Latest posts of: helloelec

Bitcoin Forum

September 23, 2025, 06:09:19 PM

Welcome, Guest. Please login or register.

News: Latest Bitcoin Core release: 29.0 [Torrent]

Home

Help

Search

Login

Register

More

Show Posts
Pages: [1]

1

Bitcoin / Electrum / Re: Connect to electrum server without SSL

on: February 07, 2022, 02:03:36 PM

Quote from: NeuroticFish on February 07, 2022, 01:55:19 PM Quote from: helloelec on February 07, 2022, 01:41:18 PM What is this :s protocol? Strange, my man page for elecctrum says there are only :t and :h options. The online docs tell about more; a server can announce even a non-standard tcp port easily. Quote from: https://electrum.readthedocs.io/en/latest/protocol.html#server-peers-subscribe supported protocols (“t” = tcp@50001, “h” = http@8081, “s” = tcp/tls@50002, “g” = https@8082; non-standard port would be announced this way: “t3300” for tcp on port 3300) I didn't need to know all those details, but it's all in server.peers.subscribe docu; it may worth a read. How bizarre, having two dfiferent protocol flags for ports 50001 and 50002. Thanks for sharing, I'll give those docs a look. Quote from: vv181 on February 07, 2022, 01:56:50 PM Quote from: helloelec on February 07, 2022, 01:41:18 PM Quote from: vv181 on February 07, 2022, 12:39:34 PM @helloelec can you also try to post the Electrum log? and what version does your Electrs running? Code: ./electrum -v -1 --oneserver --server electrs_server_ip:50002:s This command works! What is this :s protocol? Strange, my man page for elecctrum says there are only :t and :h options. Thats should do it then I think I have read it somewhere. The :t suffix should tell the client not to use SSL, and just connect plainly over TCP. While the :s suffix would make the client connext over SSL over TCP which make the command you are using now is working. This also the reason in your previous try whereas you are connecting to the server in an unencrypted manner. Well I'm a bit confused. According to the post above the :t flag is just for tls over 50001, and my electrs server listens on 50001 but is not (to my knowledge) tls. I'll have to do some digging. Anyway thanks a bunch, what a relief to have this finally working!

2

Bitcoin / Electrum / Re: Connect to electrum server without SSL

on: February 07, 2022, 01:41:18 PM

Quote from: vv181 on February 07, 2022, 12:39:34 PM @helloelec can you also try to post the Electrum log? and what version does your Electrs running? Code: ./electrum -v -1 --oneserver --server electrs_server_ip:50002:s This command works! What is this :s protocol? Strange, my man page for elecctrum says there are only :t and :h options.

3

Bitcoin / Electrum / Re: Connect to electrum server without SSL

on: February 07, 2022, 04:24:50 AM

Quote from: vv181 on February 06, 2022, 09:36:02 PM Quote from: helloelec on February 06, 2022, 08:17:54 PM I followed the instructions at https://raspibolt.org/electrs.html, but when I try to connect using Electrum I get the following error: ~ Did you also follow this(https://raspibolt.org/security.html#prepare-nginx-reverse-proxy) tutorial? Yes, I did Quote from: NotATether on February 07, 2022, 03:40:15 AM Quote from: helloelec on February 06, 2022, 02:18:39 PM Dumb question, but is this better than creating a reverse proxy using nginx? Is it maybe a little simpler? In my experience yes, because I frequently got nginx configuration entries wrong. Quote from: helloelec on February 06, 2022, 02:18:39 PM I followed the instructions at https://raspibolt.org/electrs.html, but when I try to connect using Electrum I get the following error: Code: 2022/02/06 15:01:11 [debug] 123519#123519: 3 SSL_do_handshake: -1 2022/02/06 15:01:11 [debug] 123519#123519: 3 SSL_get_error: 1 2022/02/06 15:01:11 [info] 123519#123519: *3 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking, client: 192.168.2.69, server: 0.0.0.0:50002 I can do a TLS handshake using openssl s_client. I can also connect directly to the electrs server (not over tls) using a command supplied in this thread. Has anyone seen this before? My cert is self-signed, but according to the Electrum docs this should be ok. Looks like you already have TLS up and running but you're trying to connect to your Electrum server with a different TLS version - SSL3 to be specific - than what your setup supports. Try running s_client with, e.g. -tls1_2, to specifically connect with TLS 1.2 and see if that's supported. If you see the certificate chain then it worked, otherwise if there is some "handshake error" then it's not supported. Modern browsers only support TLS 1.2 and 1.3 so older TLS version on the nginx config will not work (this includes SSL3 and 2). My nginx config allows tls 1.3 and 1.2. s_client completes a handshake when these two are used, but I get errors when I use -tls1_1 and -tls1 flags (-ssl3 is not available in my build of s_client). The error I get is the following, which is different than what I get when I try to connect with electrum: Code: 281473671444976:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:../ssl/record/rec_layer_s3.c:1543:SSL alert number 70 Do you think electrum is trying to connect with ssl3? I thought it was deprecated. And I tried to use stunnel first before nginx but I failed there as well. I couldn't find a good guide, and the following config did not work: Code: [https] accept = 443 connect = 50001 cert = /home/xx/stunnel_cert.pem I realize now that [https] probably isn't what I'm looking for.

4

Bitcoin / Electrum / Re: Connect to electrum server without SSL

on: February 06, 2022, 02:18:39 PM

Quote from: NotATether on February 06, 2022, 02:07:12 PM Quote from: helloelec on February 06, 2022, 01:15:42 PM If not, does anyone know any good resources for configuring SSL on the electrum server? Install Stunnel on the Electrum server, generate a self-signed OpenSSL certificate and create a config file for stunnel with Electrum's port number and the OpenSSL cert you generated. Then set a TLS port that will encapsulate Electrum TLS traffic inside the config file. From then on you can use the new port under HTTPS to connect to Electrum. Then block external connections to the HTTP port with a firewall if you want to disable HTTP traffic. Dumb question, but is this better than creating a reverse proxy using nginx? Is it maybe a little simpler? I followed the instructions at https://raspibolt.org/electrs.html, but when I try to connect using Electrum I get the following error: Code: 2022/02/06 15:01:11 [debug] 123519#123519: 3 SSL_do_handshake: -1 2022/02/06 15:01:11 [debug] 123519#123519: 3 SSL_get_error: 1 2022/02/06 15:01:11 [info] 123519#123519: *3 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking, client: 192.168.2.69, server: 0.0.0.0:50002 I can do a TLS handshake using openssl s_client. I can also connect directly to the electrs server (not over tls) using a command supplied in this thread. Has anyone seen this before? My cert is self-signed, but according to the Electrum docs this should be ok.

5

Bitcoin / Electrum / Re: Connect to electrum server without SSL

on: February 06, 2022, 02:00:31 PM

Quote from: ETFbitcoin on February 06, 2022, 01:38:50 PM Quote from: helloelec on February 06, 2022, 01:15:42 PM If not, does anyone know any good resources for configuring SSL on the electrum server? Get free SSL certificate from https://letsencrypt.org/ and configure nginx/apache which act as reverse proxy to use the SSL certificate. Quote from: BlackHatCoiner on February 06, 2022, 01:37:09 PM Quote from: helloelec on February 06, 2022, 01:15:42 PM Since it's a local server I was thinking it would be better to just leave traffic unencrypted. Not sure if that's recommended unless your internet provider can't track your router's info down. Or your ISP sell your data. I'm staying with family right now so I'm using the ISP's modem/router thing, unfortunately. The ISP can inspect LAN traffic you think? And thanks to the poster who recommended https://raspibolt.org/electrs.html, it looks good.

6

Bitcoin / Electrum / Re: Connect to electrum server without SSL

on: February 06, 2022, 01:54:26 PM

Quote from: NeuroticFish on February 06, 2022, 01:41:22 PM Quote from: helloelec on February 06, 2022, 01:15:42 PM My main question is: is it possible for the electrum client to make unencrypted connections to servers? From what I know my electrs server is not on SSL (at least I didn't set up any certificate there) And the command line I use for my Electrum is: Code: electrum --oneserver --server 127.0.0.1:50001:t Edit: since @BlackHatCoiner wrote that this doesn't work for him, I will add that it works for me, I use it, it works. I've connected to it just yesterday (since I have no ports opened I run it only when I need it). Oh what on earth? This actually worked. I swear I tried this last night except for the ":t" bit. Thanks!

7

Bitcoin / Electrum / Connect to electrum server without SSL

on: February 06, 2022, 01:15:42 PM

When I try to connect to my local electrs server I get errors that suggest the electrum client expects the connection to be SSL, but the server is not configured for SSL (this is true). I am able to connect to this server using one of my lightning wallets. I tried to configure the electrs server for SSL but it's been giving me a bit of trouble, and I think it has to do with the certs. Since it's a local server I was thinking it would be better to just leave traffic unencrypted. My main question is: is it possible for the electrum client to make unencrypted connections to servers? If not, does anyone know any good resources for configuring SSL on the electrum server?

Pages: [1]

Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines