Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL error appear #508

Open
SoraKohaku opened this issue Mar 29, 2023 · 4 comments
Open

SSL error appear #508

SoraKohaku opened this issue Mar 29, 2023 · 4 comments

Comments

@SoraKohaku
Copy link

Error code: SSL_ERROR_RX_RECORD_TOO_LONG
depan

added this

// Add this section code to here
var forceSSL = require('express-force-ssl');
var https = require('https');
var fs = require('fs');
var ssl_options = {
key: fs.readFileSync('localhost.decrypted.key'),
cert: fs.readFileSync('localhost.crt')
};
// Add this section code to here

var app = express();

// Add this section code to here
var secureServer = https.createServer(ssl_options, app);
// Add this section code to here

with below

// Add below line here
secureServer.listen(445);
@joeuhren
Copy link
Contributor

First of all, I would suggest if you are trying to add your own features to any codebase that doesn't natively support them then you probably won't receive much help since the problem has nothing to do with the project and has everything to do with the new code that you introduced.

That being said, I would recommend looking at the following potential issues with your code:

  1. Try changing port 445 to the default SSL port of 443: secureServer.listen(443);
  2. I know nothing about the express-force-ssl dependency but a quick search of the error msg you are having shows that it could be a redirect problem to port 80, so I would also recommend changing the express port from 3003 to 80. This will definitely require you to run the explorer as the root user or else use another method to gain access to those lower port #'s like the setcap method or running a reverse proxy via other webserver such as nginx. If necessary, you can read up on some of the workarounds here: https://github.com/team-exor/eiquidus#run-express-webserver-on-port-80
  3. Typically you need 3 certificate files for SSL/TLS support and you only list 2. Are you missing one?
  4. Your screenshot shows that you are trying to access the site via IP address instead of domain name. The most common (and free!) method of issuing an SSL certificate is via LetsEncrypt's certbot, but they haven't allowed plain IP addresses for as long as I can remember. Where exactly are you getting your SSL certificate from?

It's also important to note that this explorer has been abandoned for years now and doesn't support SSL which is why you are needing to add your own SSL code. Instead of trying to hack together the SSL feature, I might suggest you use my updated explorer instead which is a clone of this explorer with full SSL support built-in and 100's of additional fixes and changes to overall improve the explorer security and functionality: https://github.com/team-exor/eiquidus

@SoraKohaku
Copy link
Author

the problem after i change db and user cannot connect. any settings for this?

Mongodb 5.0

@joeuhren
Copy link
Contributor

Hard to say what is wrong without more info, but you mention changing the db so my guess is that you might have added the new user to a different db. You need to make sure you have the db you intend to use selected first and then add the new user to that database. For example:

use newdatabase
db.createUser( { user: "iquidus", pwd: "3xp!0reR", roles: [ "readWrite" ] } )

And then obviously make sure the settings.json has the same database name and username/password combination you specified.

@cybershrapnel
Copy link

cybershrapnel commented Jan 4, 2024
edited

the problem after i change db and user cannot connect. any settings for this?

Mongodb 5.0

Here is a solution for you if you are willing to run a fastapi server in python, which is what I do to run a chatgpt plugin as it requires SSL. once you have a fastapi server up and running with SSL, just add these paths to your fast api (adjust my domains as need.
This will redirect all traffic from your internal non hosted site in linux on either port 3001 or 80, doesn't matter, and it will relay all traffic through the fast api, with valid SSL :)
Now this is a hack and a half. I had to redirect some ajax calls and such to make search work.
But this also moves you explorer from top directory to the /explorer directory on your server and makes 2 api endpoints, one in /api and one in /explorer/ext and/or /explorer/api

this needs some improvement, but it will make iquidus fully functional. I might be running liquidus though, I can't remember lol...
might need minor adjustments. but you can see it running here.
https://explorer.nanocheeze.com

I hope this helps, but I would have to agree with joeuhren to maybe just upgrade, but if your like me and don't want to move on just yet. this works quite dandy :)

Here is the code:

https://pastebin.com/C4uGknmQ

If you need any help running a fastapi server I put up this guide to running a chatgpt plugin which you can literally just dump the code above into. all you need to do is get your ssl cert and combine the 2 files into one so you have a valid cert
https://github.com/cybershrapnel/chatgpt-plugins-fastapi-quickstart

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@SoraKohaku @cybershrapnel @joeuhren