2013-10-17 93 views
1

當我踢了我的龍捲風HTTPS服務器,我問了PEM密碼(這是我沒設置,所以我只需點擊進入)龍捲風HTTPS的SSL錯誤

Enter PEM pass phrase: 2013-10-17 14:24:46,730 ioloop.py:660 Exception 
in I/O handler for fd 3 Traceback (most recent call last): File 
"/usr/lib/python2.7/site-packages/tornado/ioloop.py", line 653, in 
start 
    self._handlers[fd](fd, events) File "/usr/lib/python2.7/site-packages/tornado/stack_context.py", line 241, 
in wrapped 
    callback(*args, **kwargs) File "/usr/lib/python2.7/site-packages/tornado/netutil.py", line 141, in 
accept_handler 
    callback(connection, address) File "/usr/lib/python2.7/site-packages/tornado/tcpserver.py", line 212, in 
_handle_connection 
    do_handshake_on_connect=False) File "/usr/lib/python2.7/site-packages/tornado/netutil.py", line 322, in 
ssl_wrap_socket 
    return ssl.wrap_socket(socket, **dict(context, **kwargs)) File "/usr/lib64/python2.7/ssl.py", line 387, in wrap_socket 
    ciphers=ciphers) File "/usr/lib64/python2.7/ssl.py", line 141, in __init__ 
    ciphers) SSLError: [Errno 336265225] _ssl.c:351: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib Enter 
PEM pass phrase: 

我生成的密鑰使用這些指令:http://www.thegeekstuff.com/2009/07/linux-apache-mod-ssl-generate-key-csr-crt-file/ 然後修改龍捲風旋轉起來,如下

SSL_OPTIONS = { 
    "certfile": "path/to/crt", 
    "keyfile": "path/to/private/key", } 
https_server = tornado.httpserver.HTTPServer(application, ssl_options=SSL_OPTIONS) 

我找不到任何解決這個問題。我正在使用最新的龍捲風版本和python 2.7

謝謝!

+0

是的,我看着http://stackoverflow.com/questions/8767757/python-ssl-socket-server?rq=1,但它並沒有幫助:/ – Tobi

回答

2

如果你按照該頁面上的說明操作,你的鑰匙仍然有密碼,它只是空的。我不確定是否可以在Python 2中非交互式地使用帶密碼的密鑰(SSLContext.load_cert_chain的方法在Python 3.2中是新的)。您可以在第一步中將-des3更改爲-nodes(然後重複其餘步驟以獲取新密鑰),或使用openssl rsa從密碼中刪除密碼,從而創建一個沒有密碼的密鑰(這將禁用提示)關鍵你已經得到(見http://www.mnxsolutions.com/apache/removing-a-passphrase-from-an-ssl-key.html

+0

我的openssl genrsa沒有-node標誌,但是如果你根本沒有提供-des3,它也可以工作(http://gagravarr.org/writing/openssl-certs/ca.shtml) - 謝謝! – Tobi