Comments (11)
I usually skip the --protocol arg completely -- does that fix your issues? I know chrome -> hq server is working.
from proxygen.
Unfortunately it doesn't work :(
from proxygen.
If you just run
./hq --mode=server --cert=<your cert> --key=<your key> --port 8443 -v 4
And hit with chrome, what's the server output?
from proxygen.
If you just run
./hq --mode=server --cert=<your cert> --key=<your key> --port 8443 -v 4
And hit with chrome, what's the server output?
E1109 12:34:45.815054 7856 main.cpp:44] Cannot open /tmp/logs
I1109 12:34:45.816812 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.816824 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.817651 7856 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.817658 7856 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.818532 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.818539 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.818593 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.818710 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f6788017d40
I1109 12:34:45.818728 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.819213 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.819218 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.819875 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.819881 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.819924 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.819931 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880bf360
I1109 12:34:45.819937 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.820389 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.820394 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.821027 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.821031 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.821075 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.821081 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880cde90
I1109 12:34:45.821087 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.821547 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.821552 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.822196 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.822201 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.822264 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.822273 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880dc390
I1109 12:34:45.822283 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.822836 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.822841 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.823822 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.823828 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.823876 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.823884 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880eb2d0
I1109 12:34:45.823891 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.824409 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.824412 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.825254 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.825261 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.825313 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.825321 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880f99d0
I1109 12:34:45.825330 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.825836 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.825839 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.826503 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.826508 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.826552 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.826558 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67880f8950
I1109 12:34:45.826565 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.827070 7857 AeadTokenCipher.cpp:39] Updating token secrets
I1109 12:34:45.827075 7857 AeadTokenCipher.cpp:48] Updating token secrets, num=1
I1109 12:34:45.827760 7857 SSLContextManager.cpp:833] cert /etc/http32webserver/cert/localhost.crt Identity: localhost
I1109 12:34:45.827769 7857 SSLContextManager.cpp:836] cert /etc/http32webserver/cert/localhost.crt SAN:
I1109 12:34:45.827828 7857 SSLContextManager.cpp:732] For vip vip_, setting sid_ctx localhost
I1109 12:34:45.827836 7857 SSLContextManager.cpp:740] On VipID=[::1]:6667 context=0x7f67881168a0
I1109 12:34:45.827843 7857 SSLContextManager.cpp:1091] Adding CN/Subject-alternative-name "localhost" for SNI search
I1109 12:34:45.828923 7866 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7a170 workerId=0 processId=0
I1109 12:34:45.828984 7867 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7a940 workerId=1 processId=0
I1109 12:34:45.829016 7868 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7b110 workerId=2 processId=0
I1109 12:34:45.829037 7869 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7b8e0 workerId=3 processId=0
I1109 12:34:45.829056 7870 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7c0d0 workerId=4 processId=0
I1109 12:34:45.829073 7872 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7c8e0 workerId=5 processId=0
I1109 12:34:45.829092 7873 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7d0d0 workerId=6 processId=0
I1109 12:34:45.829123 7874 QuicServer.cpp:274] No valid takenover fd found for address=[::1]:8443. binding on worker=0x2b7d8e0 workerId=7 processId=0
I1109 12:34:45.829139 7874 QuicServer.cpp:285] Initialized all workers in the eventbase
I1109 12:34:45.829190 7856 HQServer.cpp:285] HQ server started at: [::1]:8443
I1109 12:34:47.248520 7858 AsyncSSLSocket.cpp:340] actual destruction of AsyncSSLSocket(this=0x7f6780002550, evb=0x7f6780000d80, fd=folly::NetworkSocket(-1), state=3, sslState=9, events=0)
I1109 12:34:47.248592 7858 AsyncSocket.cpp:3169] this=0x7f6780003560, AsyncSocket::handleRead() got 517 bytes
I1109 12:34:47.255234 7858 AsyncSocket.cpp:3169] this=0x7f6780003560, AsyncSocket::handleRead() got 30 bytes
I1109 12:34:47.255358 7858 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45860, local=[::1]:6667) after 6 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinished
I1109 12:34:47.255385 7858 Acceptor.cpp:548] Acceptor=0x7f6788007680 onEmpty()
I1109 12:34:48.002563 7859 AsyncSSLSocket.cpp:340] actual destruction of AsyncSSLSocket(this=0x7f67840021e0, evb=0x7f6784000d40, fd=folly::NetworkSocket(-1), state=3, sslState=9, events=0)
I1109 12:34:48.002631 7859 AsyncSocket.cpp:3169] this=0x7f6784002f00, AsyncSocket::handleRead() got 517 bytes
I1109 12:34:48.010644 7859 AsyncSocket.cpp:3169] this=0x7f6784002f00, AsyncSocket::handleRead() got 30 bytes
I1109 12:34:48.010754 7859 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45868, local=[::1]:6667) after 8 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinished
I1109 12:34:48.010775 7859 Acceptor.cpp:548] Acceptor=0x7f678804b2d0 onEmpty()
from proxygen.
On older version(10.16)
I1109 13:27:25.661306 67818 QuicServerWorker.cpp:1134] QuicServer readerr: AsyncSocketException: AsyncUDPSocket::getReadBuffer() returned empty buffer, type = Invalid arguments
I1109 13:27:25.661463 67811 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661550 67812 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661600 67813 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661643 67814 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661676 67815 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661716 67816 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661752 67817 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
I1109 13:27:25.661772 67818 QuicServerWorker.cpp:1384] QuicServer shutdown all connections. addressMap=0 connectionIdMap=0
from proxygen.
Relevant log line:
I1109 12:34:47.255358 7858 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45860, local=[::1]:6667) after 6 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinished
Is your cert unexpired and trusted by your browser?
from proxygen.
Relevant log line:
I1109 12:34:47.255358 7858 FizzAcceptorHandshakeHelper.cpp:153] Fizz handshake error with (peer=[::1]:45860, local=[::1]:6667) after 6 ms; 547 bytes received & 2120 bytes sent: fizz::FizzException: received alert: certificate_unknown, in state ExpectingFinished
Is your cert unexpired and trusted by your browser?
My certificate is unexpired and added to my browser
from proxygen.
I have the same issue on macOS, hq http3 not working with browsers but it works with HQClient.
Update: It works on FireFox nightly.
from proxygen.
I'm working with proxygen <v2023.10.16.00>. HQServer works well with these parameters : --host=:: --port=443 --h2port==443 --protocol=h3 --quic_version=0. Google Chrome 119.0.6045.159, Mozilla Firefox 120.0, Microsoft Edge 119.0.2151.58 could setup a h3 connection to HQServer without problem.
from proxygen.
I'm working with proxygen <v2023.10.16.00>. HQServer works well with these parameters : --host=:: --port=443 --h2port==443 --protocol=h3 --quic_version=0. Google Chrome 119.0.6045.159, Mozilla Firefox 120.0, Microsoft Edge 119.0.2151.58 could setup a h3 connection to HQServer without problem.
I tested it on Google Chrome on macOS, but unfortunately, it didn't work. It seems that your test was conducted on Windows OS.
from proxygen.
I'm working with proxygen <v2023.10.16.00>. HQServer works well with these parameters : --host=:: --port=443 --h2port==443 --protocol=h3 --quic_version=0. Google Chrome 119.0.6045.159, Mozilla Firefox 120.0, Microsoft Edge 119.0.2151.58 could setup a h3 connection to HQServer without problem.
I tested it on Google Chrome on macOS, but unfortunately, it didn't work. It seems that your test was conducted on Windows OS.
I built and tested on Rocky Linux 9 - not Windows, btw i didn't use the default TLS certificates in the sample code https://github.com/facebook/proxygen/blob/main/proxygen/httpserver/samples/hq/FizzContext.cpp, just imported the real TLS certificates from Let's Encrypt
from proxygen.
Related Issues (20)
- Transferring Sessions between threads for Http Client Connection Pool HOT 8
- DetachThreadLocals() fails CHECK HOT 22
- Homebrew build of proxygen failing HOT 7
- ServerIdleSessionConroller:getIdleSession() returns session already in thread HOT 5
- Concurrent performance supported by the HTTP server
- Websocket Key Mismatch HOT 2
- Connection Close Reason SHUTDOWN HOT 3
- `EchoHandler` in `proxygen/httpserver/samples/echo/EchoHandler.h` has unnecessary `body_` member
- Request smuggling vulnerability in Proxygen
- websocket client with SSL problem: Server replied to me "Bad Request" HOT 5
- proxygen fails to build when a newer glog package is installed
- Proxygen for iOS HOT 2
- httpserver/samples/websocket
- Ingress Error and drain() HOT 2
- httpserver/samples/websocket
- Segfault in HQ server
- Build problems, segfault UT HOT 2
- Remove the use of requiring sudo for installing deps HOT 3
- HTTP2 Protocol Error HOT 3
- Proxygen For Windows
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from proxygen.