These are chat archives for springjazzy/GIS_JKH_Integration

13th
Jun 2016
7vitaly-krasovsky7
@7vitaly-krasovsky7
Jun 13 2016 08:22
@mixamarciv Я тоже вчера периодически 502 ошибку (Bad gateway) на СИТ-02 получал. Сегодня полет нормальный, работают оба стенда.
mixamarciv
@mixamarciv
Jun 13 2016 11:48
спасибо большое, но сегодня у меня уже другая ошибка (
МагПро КриптоТуннель
ОШИБКА 818
Сервер отвечает, но соединение с ним установить не удается
главное никакие сертификаты и настройки кроме адресов серверов я не менял (
stunnel.conf:
verify=2
client=yes
CAFile=..\crypto\CA-SIT.pem
engine=gost
usb_eject=yes
sslVersion=TLSv1
taskbar=yes
DEBUG=7
output=stunnel20160613.log

[pseudo-https]
protocol = http
accept = 0.0.0.0:8080
connect = 217.107.108.147:10082
ciphers = GOST2001-GOST89-GOST89
TIMEOUTclose = 0
cert=..\crypto\guk_DER.pem
key=..\crypto\guk_p12.key
stunnel20160613.log:
2016.06.13 14:48:15 LOG6[1276:972]: connect_blocking: connecting 217.107.108.147:10082
2016.06.13 14:48:15 LOG7[1276:972]: connect_blocking: s_poll_wait 217.107.108.147:10082: waiting 10 seconds
2016.06.13 14:48:15 LOG7[1276:972]: Remote FD=436 initialized
2016.06.13 14:48:15 LOG5[1276:972]: Negotiations for http (client side) started
2016.06.13 14:48:15 LOG5[1276:972]: Protocol negotiations succeeded
2016.06.13 14:48:15 LOG7[1276:972]: SSL state (connect): before/connect initialization
2016.06.13 14:48:15 LOG7[1276:972]: SSL state (connect): SSLv3 write client hello A
2016.06.13 14:48:15 LOG7[1276:972]: SSL alert (write): fatal: protocol version
2016.06.13 14:48:15 LOG3[1276:972]: SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2016.06.13 14:48:15 LOG7[1276:972]: FD=440 in non-blocking mode
2016.06.13 14:48:15 LOG6[1276:972]: connect_blocking: connecting 217.107.108.147:10082
2016.06.13 14:48:15 LOG7[1276:972]: connect_blocking: s_poll_wait 217.107.108.147:10082: waiting 10 seconds
2016.06.13 14:48:15 LOG7[1276:972]: Remote FD=440 initialized
2016.06.13 14:48:15 LOG5[1276:972]: Negotiations for http (client side) started
2016.06.13 14:48:15 LOG5[1276:972]: Protocol negotiations succeeded
2016.06.13 14:48:15 LOG7[1276:972]: SSL state (connect): before/connect initialization
2016.06.13 14:48:15 LOG7[1276:972]: SSL state (connect): SSLv3 write client hello A
2016.06.13 14:48:16 LOG7[1276:972]: SSL alert (write): fatal: protocol version
2016.06.13 14:48:16 LOG3[1276:972]: SSL_connect: 1408F10B: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
2016.06.13 14:48:16 LOG5[1276:972]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket
2016.06.13 14:48:16 LOG7[1276:972]: Service pseudo-https finished (0 left)
2016.06.13 14:48:16 LOG7[1276:320]: Service pseudo-https accepted FD=404 from 127.0.0.1:49343
2016.06.13 14:48:16 LOG7[1276:320]: Creating a new thread
2016.06.13 14:48:16 LOG7[1276:320]: New thread created
2016.06.13 14:48:16 LOG7[1276:1616]: Service pseudo-https started
2016.06.13 14:48:16 LOG7[1276:1616]: FD=404 in non-blocking mode
2016.06.13 14:48:16 LOG5[1276:1616]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket
2016.06.13 14:48:16 LOG7[1276:1616]: Service pseudo-https finished (0 left)
7vitaly-krasovsky7
@7vitaly-krasovsky7
Jun 13 2016 15:49

verify=2
client=yes
CAFile=..\crypto\CA-SIT.pem
engine=gost
error_image=error.png
usb_eject=yes
;output=stunnel.log
sslVersion=TLSv1
taskbar=yes
DEBUG=7

[pseudo-https]
protocol = http
accept = 127.0.0.1:8080
connect = 217.107.108.156:10081
ciphers = GOST2001-GOST89-GOST89
TIMEOUTclose = 0
cert=..\crypto\test.pem
key=..\crypto\test.key
cert_sign=..\crypto\test.pem
key_sign=..\crypto\test.key
sign_only_new=no
sign_inputs=ID797C1C735EEB4926925375E1D6907834
sign_files=IDCBB806E365FB4FBA9490AB20303971F4

Так выглядит наш, например. Работает корректно. Сертификат CA-SIT.pem из папки с форматами 8.7.2.2