actix-website icon indicating copy to clipboard operation
actix-website copied to clipboard
verified publisher icon actix

ACTIX WEB HTTP2 & OPENSSL : not working exact example from actix.rs website

Open letter-p opened this issue 3 years ago • 1 comments

What am I missing? Example : (https://actix.rs/docs/http2/)

Expected Behavior

image

Current Behavior

image

thread 'main' panicked at '||||error2: ErrorStack([Error { code: 2147483650, library: "system library", function: "file_ctrl", file: "../crypto/bio/bss_file.c", line: 297, data: "calling fopen(key.pem, r)" }, Error { code: 268959746, library: "BIO routines", function: "file_ctrl", reason: "system lib", file: "../crypto/bio/bss_file.c", line: 300 }, Error { code: 168296450, library: "SSL routines", function: "SSL_CTX_use_PrivateKey_file", reason: "system lib", file: "../ssl/ssl_rsa.c", line: 367 }])', src/main.rs:132:10 note: run with RUST_BACKTRACE=1 environment variable to display a backtrace

"WEIRD" Behavior

  • it works if I cargo run it inside the /src but not in the root

Steps to Reproduce

  • Download OpenSSL inside windows 10 WSL Ubuntu linux (https://fedingo.com/how-to-install-openssl-in-ubuntu/)

  • Cargo new testing

  • toml file [dependencies] actix-web = { version = "4", features = ["openssl"] } openssl = { version = "0.10", features = ["v110"] }

  • main.rs ``#[actix_web::main] async fn main() -> std::io::Result<()> { // load TLS keys // to create a self-signed temporary cert for testing: // openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365 -subj '/CN=localhost' let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap(); builder .set_private_key_file("key.pem", SslFiletype::PEM) .unwrap(); builder.set_certificate_chain_file("cert.pem").unwrap();

    HttpServer::new(|| App::new().route("/", web::get().to(index))) .bind_openssl("127.0.0.1:8080", builder)? .run() .await }``

  • Create the .pem files openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365 -subj '/CN=localhost'

Context

My Code image image

  • Rust Version (I.e, output of rustc -V): rustc 1.64.0 (a55dd71d5 2022-09-19)
  • Actix Web Version: version = "4"

letter-p avatar Oct 03 '22 08:10 letter-p

AFAICT you created your key and certificate chain files in src/ and not in the root directory of your crate. If you update the file locations:

builder
    .set_private_key_file("src/key.pem", SslFiletype::PEM)
    .unwrap();
builder.set_certificate_chain_file("src/cert.pem").unwrap();

running cargo run from your crate's root should work? Could you please try this and tell us if this resolves your issue?

If I'm correct we could update the comment in the example to make it more explicit where to run the openssl command to generate the self-signed certificate (or where the files should be located).

jofas avatar Mar 04 '23 13:03 jofas

http2 page has moved to using rustls now

robjtede avatar Mar 02 '24 17:03 robjtede