Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HTTPS issues: Self signed certificates #12

Closed
dwm66 opened this issue Jan 24, 2020 · 8 comments
Closed

HTTPS issues: Self signed certificates #12

dwm66 opened this issue Jan 24, 2020 · 8 comments

Comments

@dwm66
Copy link

dwm66 commented Jan 24, 2020

I switched the ioBroker web.0 also internally to https with my own certificate chain.
The phantom adapter cannot treat these certificate and results in
`
2020-01-24 11:32:47.478 - �[34mdebug�[39m: phantomjs.0 (573) viewportSize: {"height":600,"width":800}
clipRect: {"height":600,"left":0,"top":0,"width":800}
paperSize: {}
scrollPosition: {"left":0,"top":0}
URL: https://10.22.1.40:8082/flot/index.html ...........

Unable to load resource (#1URL:https://10.22.1.40:8082/flot/index.html? ... clipped loooong params ... )
Error code: 6. Description: SSL handshake failed
Unable to load the address!

phantomjs://code/rasterize.js:219
`
So loading flot diagrams and sending them with Telegram is not working.

The phantomjs CLI has quite some parameters to treat that, worst case with --ignore-ssl-errors=true. Can the adapter do something similar?

TNX
Werner

@Apollon77
Copy link
Contributor

please test 1.1.0 on GitHub

@dwm66
Copy link
Author

dwm66 commented Jul 27, 2020

Hm ... not out of the box ...
Also breaks no without https:

`phantomjs.0 2020-07-27 17:44:40.938 debug (20651) system.adapter.admin.0: logging true
phantomjs.0 2020-07-27 17:44:36.347 debug (20651) sendTo "send" to system.adapter.javascript.0 from system.adapter.phantomjs.0
phantomjs.0 2020-07-27 17:44:36.345 debug 139680471043712:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf
phantomjs.0 2020-07-27 17:44:36.345 debug 139680471043712:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf
phantomjs.0 2020-07-27 17:44:36.345 debug 139680471043712:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244:
phantomjs.0 2020-07-27 17:44:36.345 debug 139680471043712:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:185:filename(libssl_conf.so): libssl_conf.so: Kann die Shared-Object-Datei nicht öffnen: Da
phantomjs.0 2020-07-27 17:44:36.345 debug (20651) Auto configuration failed
phantomjs.0 2020-07-27 17:44:36.345 error (20651) {"killed":false,"code":1,"signal":null,"cmd":"/opt/iobroker/node_modules/phantomjs-prebuilt/lib/phantom/bin/phantomjs /opt/iobroker/node_modules/iobroker.phantomjs/lib/rasterize.js --url http
phantomjs.0 2020-07-27 17:44:36.344 debug (20651) and save to "/tmp/image_1262c4f0bb4407e24cdb2d96499d8fbd5ec53ab2b68b2742e8510ff3a7c3bca7.png"
phantomjs.0 2020-07-27 17:44:36.313 debug (20651) /opt/iobroker/node_modules/iobroker.phantomjs/lib/rasterize.js --url http://localhost:9082/vis/index.html#aussen --output "/tmp/image_1262c4f0bb4407e24cdb2d96499d8fbd5ec53ab2b68b2742e8510ff3a
phantomjs.0 2020-07-27 17:44:36.312 info (20651) Create 1280px*776px in 10000ms - "http://localhost:9082/vis/index.html#aussen" => "/tmp/image_1262c4f0bb4407e24cdb2d96499d8fbd5ec53ab2b68b2742e8510ff3a7c3bca7.png"
phantomjs.0 2020-07-27 17:44:26.187 info (20651) starting. Version 1.1.0 in /opt/iobroker/node_modules/iobroker.phantomjs, node: v10.20.1, js-controller: 3.1.4`

@Apollon77
Copy link
Contributor

ALso diese Fehlermeldung klingt eher so als ob ssl support gar nicht eingebaut wäre bei phanttomjs ... mist ...

@Apollon77
Copy link
Contributor

Ok, 1.1.1 removed es wieder

@dwm66
Copy link
Author

dwm66 commented Jul 28, 2020

Ok, ich glaub ich habs ... das Problem ist ... vielschichtig :)

bazelbuild/rules_closure#353

Scheint auch mit der Debian/OpenSSL Version zu tun zu haben. Ich gestehe, kann schon sein, dass ich das beim letzten Update des "Buanet" containers nicht gecheckt hab.

Hab jetzt mal etwas auf der Kommandozeile gespielt:
root@bab774581df3:/opt/iobroker/node_modules/phantomjs-prebuilt/bin# cd /opt/iobroker/ root@bab774581df3:/opt/iobroker# /opt/iobroker/node_modules/phantomjs-prebuilt/lib/phantom/bin/phantomjs /opt/iobroker/node_modules/iobroker.phantomjs/lib/rasterize.js --url https://10.22.1.40:8082 Auto configuration failed 139922111331968:error:25066067:DSO support routines:DLFCN_LOAD:could not load the shared library:dso_dlfcn.c:185:filename(libssl_conf.so): libssl_conf.so: Kann die Shared-Object-Datei nicht öffnen: Datei oder Verzeichnis nicht gefunden 139922111331968:error:25070067:DSO support routines:DSO_load:could not load the shared library:dso_lib.c:244: 139922111331968:error:0E07506E:configuration file routines:MODULE_LOAD_DSO:error loading dso:conf_mod.c:285:module=ssl_conf, path=ssl_conf 139922111331968:error:0E076071:configuration file routines:MODULE_RUN:unknown module name:conf_mod.c:222:module=ssl_conf
... also doof.

Jetzt mal mit dem vorgeschlagenem Fix:

export OPENSSL_CONF=/etc/ssl/ /opt/iobroker/node_modules/phantomjs-prebuilt/lib/phantom/bin/phantomjs /opt/iobroker/node_modules/iobroker.phantomjs/lib/rasterize.js --ignore-ssl-errors=true --url https://10.22.1.40:8082 --output /tmp/test.png viewportSize: {"height":600,"width":800} clipRect: {"height":600,"left":0,"top":0,"width":810} paperSize: {} scrollPosition: {"left":0,"top":0} URL: https://10.22.1.40:8082 output: /tmp/test.png zoom: 1 Unable to load resource (#1URL:https://10.22.1.40:8082/) Error code: 6. Description: SSL handshake failed Unable to load the address!

AHA! Also ... alles auf Anfang.
Die SSL Unterstützung ist schon drin, nur weil Debian die Filestruktur geändert hat, wurde die Konfig nicht mehr gefunden...
8)

root@bab774581df3:/opt/iobroker# /opt/iobroker/node_modules/phantomjs-prebuilt/lib/phantom/bin/phantomjs --ignore-ssl-errors=true /opt/iobroker/node_modules/iobroker.phantomjs/lib/rasterize.js --url https://10.22.1.40:8082 --output /tmp/test.png viewportSize: {"height":600,"width":800} clipRect: {"height":600,"left":0,"top":0,"width":810} paperSize: {} scrollPosition: {"left":0,"top":0} URL: https://10.22.1.40:8082 output: /tmp/test.png zoom: 1

Success!!!
Man beachte die Reihenfolge der Parameter.
--ignore-ssl-errors ist ein Parameter von /bin/phantomjs, der Rest ein Parameter von .../rasterize.js.

Bei der 1.1.0 klappt das nicht, da wird das --ignore-ssl-errors=true als settings angehängt, das kommt dann als Parameter ins rasterize.js und wird prompt ignoriert.

Hilft das?
Naiv könnte man in main.js Zeile 144 einfach schreiben
var cmd = [--ignore-ssl-errors=true __dirname + '/lib/rasterize.js'];

Dass das Dings natürlich die OpenSSL Konfiguration finden muss und deswegen das Environment gesetzt werden muss ist ... unschön, aber machbar :)

CU

@Apollon77
Copy link
Contributor

Ok bitte 1.1.2 vom GitHub checken und feedback geben

@dwm66
Copy link
Author

dwm66 commented Jul 28, 2020

Funktioniert jetzt einwandfrei!
Vielen Dank für die Mühe!!

@Apollon77
Copy link
Contributor

1.1.2 auf latest

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants