SSL error after deployment about redcloud HOT 19 CLOSED

Deploying locally with GUI and browsing to either https://localhost/portainer or https://127.0.0.1/portainer now shows a self signed cert error, which is great news because now we've moved a step ahead :D

So I guess that something in either the web configuration or something in Virtualbox is causing this issue

However, when I ignore the warning and actually get to the page I get greeted by a 404 error message.

Personally I don't have a VPS hanging around which I don't use to test this on.

[edit] I just ran the local deployment on the same Ubuntu installed in VMware Workstation Player and it worked right away.

from redcloud.

curl shows the following:

root@vpn-machine:/home/pieter# curl https://192.168.2.24/portainer
curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

from redcloud.

Deploy local

$ curl -v https:///portainer

• Trying ...
• TCP_NODELAY set
• Connected to () port 443 (#0)
• ALPN, offering h2
• ALPN, offering http/1.1
• successfully set certificate verify locations:
• CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
• TLSv1.3 (OUT), TLS handshake, Client hello (1):
• TLSv1.3 (IN), TLS alert, Server hello (2):
• error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
• stopped the pause stream!
• Closing connection 0
  curl: (35) error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error

from redcloud.

Same for me when using debian sid also, with a local install.

curl -v https://192.168.0.14/portainer

• Trying 192.168.0.14:443...
• TCP_NODELAY set
• connect to 192.168.0.14 port 443 failed: Connection refused
• Failed to connect to 192.168.0.14 port 443: Connection refused
• Closing connection 0
  curl: (7) Failed to connect to 192.168.0.14 port 443: Connection refused

curl https://192.168.0.14/portainer
curl: (7) Failed to connect to 192.168.0.14 port 443: Connection refused

from redcloud.

@ khast3x
Should we provide any other logs or info.

from redcloud.

Hello,
I have retested local and remote deploy on a Ubuntu and Kali, seems there are no issues on my side.
Debian is not officially supported, but the problem must lie with the local policy regarding unsigned https certificates.

Redcloud uses a unsigned https certificate in both deployments. If you cannot enforce local policy to accept unsigned https certificate, you can maybe edit traefik and docker configuration to listen to port 80 with no https instead.

I will leave this issue open in case a Debian user finds the adequate approach.

Cheers!

from redcloud.

Do you know where this local policy is set in Debian.

from redcloud.

I am unfamiliar with Debian maintenance, but it might come from the default repo's Firefox version and policy, maybe something like this.

Apart from that no idea sorry, hence leaving this issue open for other Debian users to help out.

Cheers!

from redcloud.

Hi khast3x, I just tried again with a clean install of Ubuntu 18.04.5 LTS where I deployed locally, but the issue still persists.

Can you try downloading a clean Ubuntu Server 18.04.5 LTS image, follow the how-to in the install instructions, deploy locally and get back to us?

[edit] This is an internal SSL error, and not an unsigned cert error

from redcloud.

Hello,

I have tested on a local Ubuntu (almost fresh) with no issues, and a fresh Ubuntu on a VPS. I am confused as to why this is not the case for you. Just in case, when deploying locally, be sure not that have a VPN running.

Instead of using the external IP displayed by Redcloud could you try with 127.0.0.1:

• In a browser: https://127.0.0.1/portainer
• CLI: curl -k -v https://127.0.0.1/portainer

Please note that Redcloud is mostly used on remote VPS for labs, so the local use cases have not been fully tested (which is also why Redcloud displays the external IP for a local deploy).

Cheers

from redcloud.

Hello, I'm currently installing a GUI on my server so I'll report back when I have news.

Just out of curiosity: Which version of Ubuntu do you use for testing?

from redcloud.

So protip: ditch your Virtualbox Ubuntu server and install it in VMware

from redcloud.

Thank for your feedback! 🤝
Seems like some lower level dark network magic is causing the SSL mechanism to crash. I don't have the bandwidth to investigate further but I hope it helps others.
On my side tests were performed on Ubuntu 18.04.4 LTS.

Feel free to update this issue if you find additional information.

Cheers!

from redcloud.

I think I can dig a little deeper if I can watch the traffic logs somehow. Do you know if Traefik allows this and how to do it?

from redcloud.

You can view the container logs using docker logs CONTAINER where CONTAINER is one of the containers described here. Both the Traefik and Portainer containers should have traffic logs.
You can also access the Traefik web interface by browsing to https://your-ip/api with the credentials admin:Redcloud (these can be changed with the .htaccess file.)

Hope this helps

from redcloud.

I have tried the docker logs -f with both the portainer and traefik containers but neither were giving out logs. The problem with looking at the Traefik web interface is that you would need a working connection to see why the connection isn't working. Defaulting back to HTTP also won't solve it I think because then you also won't have SSL errors.

Bit of a chicken/egg situation :)

from redcloud.

The easiest way to access the logs in this case should be:
docker volume inspect redcloud_logs, and changing directory to the path indicated by the "Mountpoint" key, should be something like:

cd /var/lib/docker/volumes/redcloud_logs/_data. You'll have the saved logs access.log and traefik.log in this directory.

Cheers

from redcloud.

I typed command python3 redcloud.py

then i get this error

2
[?] Target IP or hostname?

[?] Target username? (Default: root)

root
ssh: connect to host ------------- port 22: Connection refused
[!] Something went wrong with running command
Command '['ssh', 'root@-----------------', 'command', '-v', 'curl', '||', 'echo', '"error"']' returned non-zero exit status 255.
Traceback (most recent call last):
File "/root/redcloud/redcloud.py", line 418, in
menu_deploy_target()
File "/root/redcloud/redcloud.py", line 370, in menu_deploy_target
deploy_remote_ssh()
File "/root/redcloud/redcloud.py", line 215, in deploy_remote_ssh
if output != "error" and len(output) != 0:
TypeError: object of type 'NoneType' has no len()

ANY HELP ??

from redcloud.

@FrankensteinEvil0069 Check if the machine is actually reachable from SSH, if it is open a seperate issue for this.

Closing this issue because I was unable to reproduce this behavior.

from redcloud.