SSL RPC with bitcoind

[mav]

I have been trying to establish an SSL connection to bitcoind

I followed exactly these instructions

https://en.bitcoin.it/wiki/Enabling_SSL_on_original_client_daemon

I'm running

Code:

bitcoind -testnet

and then checking the ssl connection using

Code:

openssl s_client -connect 127.0.0.1:8332

which gives the response

Code:

CONNECTED(00000003)
140487709226656:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 226 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

This is all from my local machine, not over a network.

My bitcoin.conf is

Code:

rpcuser=bob
rpcpassword=bob

rpcallowip=192.168.*.*

rpcssl=1
#rpcsslciphers=DEFAULT:@STRENGTH

when I have the configuration line

Code:

rpcssl=1

in my bitcoin.conf I cannot use commands such as

Code:

$ bitcoind getinfo

, I get

Code:

error: no response from server

Can someone please help me diagnose why this isn't working? I'm using the latest version of bitcoin - "version" : 60300

[1713949355]

1713949355

[1713949355]

1713949355

[gweedo]

try

Code:

./bitcoind -rpcconnect=127.0.0.1 -rpcport=8332 -rpcssl -rpcuser=YourUsername -rpcpassword=YourPassword getinfo

also add

Code:

server=1

to the bitcoin.conf

[mav]

no gold with adding that setting nor with the extra command options.

I try using curl to ping the server and this is the result

Code:

curl --user bob --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }' -H 'content-type: text/plain;' https://127.0.0.1:8332/

Code:

curl: (35) Unknown SSL protocol error in connection to 127.0.0.1:8332 

I tried adding the options below to my config with no effect, still getting a protocol error

Code:

rpcssl=1
rpcsslciphers=TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!AH:!3DES:@STRENGTH
rpcsslcertificatechainfile=server.cert
rpcsslprivatekeyfile=server.pem
rpcsslciphers=DEFAULT:@STRENGTH

[gweedo]

Code:

curl --user bob --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }' -H 'content-type: text/plain;' https://127.0.0.1:8332/

you need the content type as

Code:

application/json

and you need the server=1 in your .conf otherwise bitcoind will not accept JSON RPC commands at all!

also make sure your openssl is correct, search the forums cause if you using it on linux you have to make sure the one pre-installed is the correct version and has the correct algos for bitcoind

[mav]

Found this little gem

http://bitcoin.stackexchange.com/questions/2707/bitcoin-rpc-ssl-error

I copied by server.cert and server.pem to ~/.bitcoin/testnet folder rather than in ~/.bitcoin

Now I have a working ssl rpc connection. Thanks for the help gweedo.

also using curl with a self-signed certificate requires the -k option so I used this command to check it, with success

Code:

curl --user bob --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }' -H 'content-type: application/json;' https://127.0.0.1:8332/ -k

[gweedo]

Your welcome glad to help