search

HelloZeroNet / ZeroNet

ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network
https://zeronet.io
Other
18.31k stars 2.26k forks source link

Connection are not encrypted in Windows Python3 #2093

Open 0polar opened 5 years ago

0polar commented 5 years ago

Same as https://127.0.0.1:43110/Talk.ZeroNetwork.bit/?Topic:1562744772_1G5aYYLCYtwKYfnnvLUTNVDC5kmy8RP7D7/How+to+enable+crypt+connetion+I+m+using+zeronet+py3

Error log:

[13:15:49] - RSA ECC SSL CAcert generation failed, CAcert or CAkey files not exist.

Debug info:

"tools\openssl\openssl.exe" req -new -newkey rsa:2048 -days 3650 -nodes -x509 -config "src/lib/openssl/openssl.cnf" -subj "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA" -keyout "./data/cakey-rsa.pem" -out "./data/cacert-rsa.pem" -batch

Probably openssl.exe is missing.

0polar commented 5 years ago

FYI: OpenSSL is located in:

Debug info in Python2:

"src\lib\opensslVerify\openssl.exe" x509 -req -in "./data/cert-rsa.csr" -CA "./data/cacert-rsa.pem" -CAkey "./data/cakey-rsa.pem" -CAcreateserial -out "./data/cert-rsa.pem" -days 730 -sha256 -extensions x509_ext -extfile "src/lib/opensslVerify/openssl.cnf"
HelloZeroNet commented 5 years ago

I just tested and for me it does generates the certs.

Please check the - Generating RSA CAcert and CAkey PEM files... line in log/debug.log

Have you downloaded it from https://github.com/HelloZeroNet/ZeroNet-win/archive/dist-win64/ZeroNet-py3-win64.zip ?

0polar commented 5 years ago 
[2019-07-12 18:49:22,104] INFO     Ui.UiServer --------------------------------------
[2019-07-12 18:49:22,104] INFO     Ui.UiServer Web interface: http://127.0.0.1:43110/
[2019-07-12 18:49:22,104] INFO     Ui.UiServer --------------------------------------
[2019-07-12 18:49:22,106] DEBUG    - Current maxstdio: 512, changing to 2048...
[2019-07-12 18:49:22,106] DEBUG    - Generating RSA CAcert and CAkey PEM files...
[2019-07-12 18:49:22,174] DEBUG    - "tools\openssl\openssl.exe" req -new -newkey rsa:2048 -days 3650 -nodes -x509 -config "src/lib/openssl/openssl.cnf" -subj "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA" -keyout "./data/cakey-rsa.pem" -out "./data/cacert-rsa.pem" -batch
The system cannot find the path specified.
[2019-07-12 18:49:22,174] ERROR    - RSA ECC SSL CAcert generation failed, CAcert or CAkey files not exist.
[2019-07-12 18:49:22,174] DEBUG    TorManager Starting (Tor: enable)
[2019-07-12 18:49:22,174] DEBUG    TorManager Connecting to Tor Controller localhost:9151

No, I download from source code (https://github.com/HelloZeroNet/ZeroNet/archive/py3.zip)

HelloZeroNet commented 5 years ago

Then download https://github.com/HelloZeroNet/ZeroNet-win/archive/dist-win64/ZeroNet-py3-win64.zip and unpack the core/tools directory next to zeronet.py

0polar commented 5 years ago 
[2019-07-12 21:12:34,710] INFO     Ui.UiServer --------------------------------------
[2019-07-12 21:12:34,711] INFO     Ui.UiServer Web interface: http://127.0.0.1:43110/
[2019-07-12 21:12:34,711] INFO     Ui.UiServer --------------------------------------
[2019-07-12 21:12:34,712] DEBUG    - Current maxstdio: 512, changing to 2048...
[2019-07-12 21:12:34,713] DEBUG    - Generating RSA CAcert and CAkey PEM files...
[2019-07-12 21:12:35,200] DEBUG    - "tools\openssl\openssl.exe" req -new -newkey rsa:2048 -days 3650 -nodes -x509 -config "src/lib/openssl/openssl.cnf" -subj "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA" -keyout "./data/cakey-rsa.pem" -out "./data/cacert-rsa.pem" -batch
Generating a RSA private key
...........................................................................................................................................................................+++++
..+++++
writing new private key to './data/cakey-rsa.pem'
-----
[2019-07-12 21:12:35,200] DEBUG    - Generating certificate key and signing request...
[2019-07-12 21:12:35,495] DEBUG    - "tools\openssl\openssl.exe" req -new -newkey rsa:2048 -keyout "./data/key-rsa.pem" -out "./data/cert-rsa.csr" -subj "/CN=debian.org" -sha256 -nodes -batch -config "src/lib/openssl/openssl.cnf"
Generating a RSA private key
.....................+++++
............+++++
writing new private key to './data/key-rsa.pem'
-----
[2019-07-12 21:12:35,495] DEBUG    - Generating RSA cert...
[2019-07-12 21:12:35,759] DEBUG    - "tools\openssl\openssl.exe" x509 -req -in "./data/cert-rsa.csr" -CA "./data/cacert-rsa.pem" -CAkey "./data/cakey-rsa.pem" -set_serial 01 -out "./data/cert-rsa.pem" -days 730 -sha256 -extensions x509_ext -extfile "src/lib/openssl/openssl.cnf"
Signature ok
subject=/CN=debian.org
Getting CA Private Key
[2019-07-12 21:12:35,759] DEBUG    TorManager Starting (Tor: enable)
[2019-07-12 21:12:35,760] DEBUG    TorManager Connecting to Tor Controller localhost:9151

Of course it works. I think it is need a formal fix, not workaround. Not everyone use ZeroBundle.