Bitcoin Forum
December 11, 2017, 04:01:39 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: SSL RPC with bitcoind  (Read 3227 times)
mav
Full Member
***
Offline Offline

Activity: 169


View Profile
July 18, 2012, 04:43:20 AM
 #1

I have been trying to establish an SSL connection to bitcoind

I followed exactly these instructions

https://en.bitcoin.it/wiki/Enabling_SSL_on_original_client_daemon

I'm running
Code:
bitcoind -testnet
and then checking the ssl connection using

Code:
openssl s_client -connect 127.0.0.1:8332
which gives the response

Code:
CONNECTED(00000003)
140487709226656:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 226 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

This is all from my local machine, not over a network.

My bitcoin.conf is
Code:
rpcuser=bob
rpcpassword=bob

rpcallowip=192.168.*.*

rpcssl=1
#rpcsslciphers=DEFAULT:@STRENGTH

when I have the configuration line
Code:
rpcssl=1
in my bitcoin.conf I cannot use commands such as
Code:
$ bitcoind getinfo
, I get
Code:
error: no response from server

Can someone please help me diagnose why this isn't working? I'm using the latest version of bitcoin - "version" : 60300
1513008099
Hero Member
*
Offline Offline

Posts: 1513008099

View Profile Personal Message (Offline)

Ignore
1513008099
Reply with quote  #2

1513008099
Report to moderator
1513008099
Hero Member
*
Offline Offline

Posts: 1513008099

View Profile Personal Message (Offline)

Ignore
1513008099
Reply with quote  #2

1513008099
Report to moderator
1513008099
Hero Member
*
Offline Offline

Posts: 1513008099

View Profile Personal Message (Offline)

Ignore
1513008099
Reply with quote  #2

1513008099
Report to moderator
FORTUNEJACK.COM[
                            
9 BTC WELCOME PACK FOR 1ST 5 DEPOSITS
FREE 1,000 mBTC daily for LuckyJack winners
[
          
]
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513008099
Hero Member
*
Offline Offline

Posts: 1513008099

View Profile Personal Message (Offline)

Ignore
1513008099
Reply with quote  #2

1513008099
Report to moderator
1513008099
Hero Member
*
Offline Offline

Posts: 1513008099

View Profile Personal Message (Offline)

Ignore
1513008099
Reply with quote  #2

1513008099
Report to moderator
1513008099
Hero Member
*
Offline Offline

Posts: 1513008099

View Profile Personal Message (Offline)

Ignore
1513008099
Reply with quote  #2

1513008099
Report to moderator
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
July 18, 2012, 05:30:37 AM
 #2

try

Code:
./bitcoind -rpcconnect=127.0.0.1 -rpcport=8332 -rpcssl -rpcuser=YourUsername -rpcpassword=YourPassword getinfo

also add
Code:
server=1
to the bitcoin.conf

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
mav
Full Member
***
Offline Offline

Activity: 169


View Profile
July 18, 2012, 06:02:13 AM
 #3

no gold with adding that setting nor with the extra command options.

I try using curl to ping the server and this is the result

Code:
curl --user bob --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }' -H 'content-type: text/plain;' https://127.0.0.1:8332/

Code:
curl: (35) Unknown SSL protocol error in connection to 127.0.0.1:8332

I tried adding the options below to my config with no effect, still getting a protocol error

Code:
rpcssl=1
rpcsslciphers=TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH
rpcsslcertificatechainfile=server.cert
rpcsslprivatekeyfile=server.pem
rpcsslciphers=DEFAULT:@STRENGTH
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
July 18, 2012, 06:06:43 AM
 #4

Code:
curl --user bob --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }' -H 'content-type: text/plain;' https://127.0.0.1:8332/
you need the content type as
Code:
application/json
and you need the server=1 in your .conf otherwise bitcoind will not accept JSON RPC commands at all!

also make sure your openssl is correct, search the forums cause if you using it on linux you have to make sure the one pre-installed is the correct version and has the correct algos for bitcoind

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
mav
Full Member
***
Offline Offline

Activity: 169


View Profile
July 18, 2012, 06:29:54 AM
 #5

Found this little gem

http://bitcoin.stackexchange.com/questions/2707/bitcoin-rpc-ssl-error

I copied by server.cert and server.pem to ~/.bitcoin/testnet folder rather than in ~/.bitcoin

Now I have a working ssl rpc connection. Thanks for the help gweedo.

also using curl with a self-signed certificate requires the -k option so I used this command to check it, with success

Code:
curl --user bob --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }' -H 'content-type: application/json;' https://127.0.0.1:8332/ -k
gweedo
Legendary
*
Offline Offline

Activity: 1246


Java, PHP, HTML/CSS Programmer for Hire!


View Profile WWW
July 18, 2012, 06:36:59 AM
 #6

Your welcome glad to help

Want to earn 2500 SATOSHIS per hour? Come Chat and Chill in https://goseemybits.com/lobby
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!