Is that possible to run elasticHQ on https protocol?

[kun-truescope]

General information

• OS Platform and Distribution: centos7.4
• ElasticHQ Version: latest master
• Elasticsearch Version: 7
• Python version: 3.4.9
• Browser Vendor and Version (if applicable): Chrome Version 76

Issue Description

I was thinking to deploy elasticHQ on my ec2 instance to manage my AWS elasticsearch service, so it might be nice to run elasticHQ on https instead of http.

At first, I was thinking to use --enable-ssl and --ca-certs to do it, but it looks it doesn't work. Maybe these two params are for different purpose.

Then I started to look at the flask application and found that there are two options can be used to configure the cert and key. Then I updated the application.py file e.g.

application.py

socketio.run(application, host=options.host, port=options.port, debug=options.debug, keyfile='key.pem', certfile='cert.pem')

But elasticHQ doesn't response the https request and gives me back a lot of error messages as following

Logs from elasticHQ

Traceback (most recent call last):
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/hubs/hub.py", line 458, in fire_timers
    timer()
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/hubs/timer.py", line 58, in __call__
    cb(*args, **kw)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/greenthread.py", line 218, in main
    result = function(*args, **kwargs)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/wsgi.py", line 787, in process_request
    proto.__init__(conn_state, self)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/wsgi.py", line 341, in __init__
    self.handle()
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/wsgi.py", line 374, in handle
    self.handle_one_request()
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/wsgi.py", line 403, in handle_one_request
    self.raw_requestline = self._read_request_line()
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/wsgi.py", line 386, in _read_request_line
    return self.rfile.readline(self.server.url_length_limit)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/socket.py", line 378, in readinto
    return self._sock.recv_into(b)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/green/ssl.py", line 204, in recv_into
    return self._base_recv(nbytes, flags, into=True, buffer_=buffer)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/green/ssl.py", line 225, in _base_recv
    read = self.read(nbytes, buffer_)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/green/ssl.py", line 139, in read
    super(GreenSSLSocket, self).read, *args, **kwargs)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/site-packages/eventlet/green/ssl.py", line 109, in _call_trampolining
    return func(*a, **kw)
  File "/home/kun.liu/.pyenv/versions/3.4.9/lib/python3.4/ssl.py", line 626, in read
    v = self._sslobj.read(len, buffer)
ssl.SSLWantReadError: The operation did not complete (read) (_ssl.c:1748)```

I tested same method on my example flask application, it works fine. I even tried different python versions, e.g. 3.7, 3.6 but none of them work

Any advice is much appreciated. Thanks

[royrusso]

Are you using a self-signed cert? It may be related to #471

[kun-truescope]

Are you using a self-signed cert? It may be related to #471

Yes. I was using self-signed certificate. Thanks for your reply.