spesmilo
ssl ports randomly close
so i run 2 electrumx servers, and the ssl ports on both have suddenly closed within 24 hours of each other, and the tcp ports have remained open, according to all seeing eye. the websocket port is also open and working. running nmap i see the ssl port is open to the outside. electrumx says the certs are good on startup and they are open, lsof says they are open as well. i see no errors anywhere.
electrum@electrum:~/electrumx$ sudo lsof -i:50002
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
python3 6016 electrum 21u IPv4 107291 0t0 TCP *:50002 (LISTEN)
python3 6016 electrum 22u IPv6 107292 0t0 TCP *:50002 (LISTEN)
electrum@electrum:~/electrumx$ sudo lsof -i:50001
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
python3 6016 electrum 16u IPv4 664267 0t0 TCP electrum:50001->174.127.145.82:56702 (ESTABLISHED)
python3 6016 electrum 19u IPv4 107289 0t0 TCP *:50001 (LISTEN)
python3 6016 electrum 20u IPv6 107290 0t0 TCP *:50001 (LISTEN)
nmap from the outside also shows port 50002 open.
INFO:SessionManager:TCP server listening on all_interfaces:50001
INFO:SessionManager:SSL server listening on all_interfaces:50002
INFO:SessionManager:WSS server listening on all_interfaces:50004
INFO:SessionManager:advertising service tcp://electrum-verge.cloud:50001
INFO:SessionManager:advertising service ssl://electrum-verge.cloud:50002
INFO:SessionManager:advertising service wss://electrum-verge.cloud:50004
INFO:ElectrumX:[0] SSL 68.183.133.141:56532, 0 total
INFO:PeerManager:no proxy detected, will try later
INFO:PeerManager:[electrum-verge.cloud:50002 SSL] verified in 0.0s
the ssl ports were fine since i set up both servers roughly 3 months ago and had no previous ssl port issues. letsencrypt certs wont expire for another 8 or 9 months.. any ideas?
side notes that may/may not be relevant: i am using the same letsencrypt certs that electrumx is using, in apache2 on the same server, and they are also copied to a directory that electrumx has access to as well. the setup was working perfectly for 3 months. i've run compact history a few times in between and started back up and have had no issues until this week.
update: noticed electrumx was using 90% cpu, trying uvloop. will update n close if it works.
update 2: uvloop policy didnt help, patched asyncio using this patch: https://github.com/spesmilo/electrumx/issues/92#issuecomment-832095629 (thanks @SomberNight )
ok so the ssl port was open on startup, and i saw the all seeing eye monitor connected to 50002 via netstat, but once the server went live, there were no more connections to the ssl port and it appears closed to the monitoring client again. im puzzled. electrumx is using >90% cpu most of the time as well.
What version of python are you using? Maybe try updating it to a newer version, ideally 3.11+. Also, if it is only the SSL ports you are having trouble with, try putting an nginx reverse-proxy in front of electrumx and let that terminate SSL. From experience, the SSL code in nginx seems to be much more robust than python's.
@SomberNight python 3.8, ill update it.. yes only the ssl ports, they were working fine for the last 3 months and then suddenly both servers closed the ssl ports within a day of each other, but tcp and wss remain open. nmap also shows that ssl port is open on the machine, however electrumx is not responsive on it.
updated to 3.12, seems to still have the issue.. after i start it up, i can see incoming connections on ssl port with netstat, but once the server goes live, they disappear. bizarre behavior. wss and tcp ports are open n have connections.
update: was watching the console for a bit, while the tcp and wss ports were open, but the ssl hadn't been.. and this came up after about an hour after the server went live:
INFO:ElectrumX:[14] SSL 68.183.133.141:41520, 1 total
INFO:PeerManager:[electrum-verge.cloud:50002 SSL] verified in 0.0s
that is the servers ip address., however the monitoring service is still showing the ssl port as closed.