aiortc / aioquic

QUIC and HTTP/3 implementation in Python
BSD 3-Clause "New" or "Revised" License

Unable to use self-generated Certifications for http3 server and clients #497

Closed YifangZhang closed 1 month ago

YifangZhang commented 1 month ago

Dear aioquic admins,

I am a new user of the aioquic package and successfully made the standalone server/client work with the testing certificate. But when I tried to use my own certificates, it did not work for me on the server side.

It shows me the following error:

python3 examples/http3_server.py --certificate ../uploads/cacert.pem --private-key ../uploads/serverkey.pem --port 9999 --quic-log ../server_log/ --host www.test.com
2024-05-09 03:46:39,688 INFO quic [c797ffa15a19c0ca] Connection close received (code 0x133, reason )
2024-05-09 03:46:41,280 INFO quic [bbebb5becca013c9] Connection close received (code 0x133, reason )

And on the client side:

ubuntu@user:~/aioquic$ python3 examples/http3_client.py https://www.test.com:9999 --ca-certs ../uploads/cacert.pem
2024-05-09 03:46:41,279 WARNING quic [bbebb5becca013c9] Error: 307, reason: , frame_type: 6
2024-05-09 03:46:41,279 INFO quic [bbebb5becca013c9] Connection close sent (code 0x133, reason )
Traceback (most recent call last):
  File "examples/http3_client.py", line 564, in <module>
    asyncio.run(
  File "/usr/lib/python3.8/asyncio/runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "/usr/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete
    return future.result()
  File "examples/http3_client.py", line 387, in main
    async with connect(
  File "/usr/lib/python3.8/contextlib.py", line 171, in __aenter__
    return await self.gen.__anext__()
  File "/home/ubuntu/.local/lib/python3.8/site-packages/aioquic/asyncio/client.py", line 88, in connect
    await protocol.wait_connected()
  File "/home/ubuntu/.local/lib/python3.8/site-packages/aioquic/asyncio/protocol.py", line 132, in wait_connected
    await asyncio.shield(self._connected_waiter)
ConnectionError

I have also attached the quic-log in the attached file quic-log.txt.

Is there something clearly wrong I have been doing?

I used this tutorial for my certificate creation and set the common name to be www.test.com. https://checkmk.com/linux-knowledge/creating-server-certificate

Thank you so much!

YifangZhang commented 1 month ago

If this is probably too hard to debug, it would be great if you could show us some links or resources about how you created the certificates; maybe that will help users like me a lot! Thanks again!

YifangZhang commented 1 month ago

Resolved; it was bugged because of the wrong setting on the cacert and servercert's common names.
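An added example, not part of the thread and not aioquic's own code: the close code `0x133` (decimal 307) in the logs above falls in the QUIC CRYPTO_ERROR range 0x0100-0x01ff, where the low byte is a TLS alert number (RFC 9001, section 4.8). The helper names `decode_quic_error` and `scan` are assumptions made for this sketch; the log lines are the ones posted in the report.

```python
import re

# Subset of TLS alert descriptions (RFC 8446, section 6) seen in certificate problems.
TLS_ALERTS = {
    40: "handshake_failure", 42: "bad_certificate", 43: "unsupported_certificate",
    45: "certificate_expired", 46: "certificate_unknown", 48: "unknown_ca",
    51: "decrypt_error", 112: "unrecognized_name", 120: "no_application_protocol",
}

# Captures the connection ID plus either "code 0x133" or "Error: 307".
CODE_RE = re.compile(
    r"\[(?P<cid>[0-9a-f]+)\].*?(?:code (?P<hex>0x[0-9a-fA-F]+)|Error: (?P<dec>\d+))"
)


def decode_quic_error(code):
    """Classify a QUIC transport error code; 0x0100-0x01ff wraps a TLS alert.

    Caveat: HTTP/3 application error codes also start at 0x100, so only apply
    this to transport-level closes such as the handshake failures shown here.
    """
    if 0x0100 <= code <= 0x01FF:
        alert = code - 0x0100
        return "tls_alert", TLS_ALERTS.get(alert, "alert_%d" % alert)
    return "transport", hex(code)


def scan(lines):
    """Return (connection_id, code, kind, name) for each line with an error code."""
    found = []
    for line in lines:
        m = CODE_RE.search(line)
        if m is None:
            continue
        code = int(m.group("hex"), 16) if m.group("hex") else int(m.group("dec"))
        found.append((m.group("cid"), code) + decode_quic_error(code))
    return found


# Log lines copied from the report above (hypothetical variable name LOG).
LOG = [
    "2024-05-09 03:46:39,688 INFO quic [c797ffa15a19c0ca] Connection close received (code 0x133, reason )",
    "2024-05-09 03:46:41,280 INFO quic [bbebb5becca013c9] Connection close received (code 0x133, reason )",
    "2024-05-09 03:46:41,279 WARNING quic [bbebb5becca013c9] Error: 307, reason: , frame_type: 6",
    "2024-05-09 03:46:41,279 INFO quic [bbebb5becca013c9] Connection close sent (code 0x133, reason )",
    '  File "examples/http3_client.py", line 387, in main',
]

if __name__ == "__main__":
    for cid, code, kind, name in scan(LOG):
        print(f"{cid} 0x{code:x} {kind} {name}")
```

Every coded line decodes to TLS alert 51, `decrypt_error`, which RFC 8446 defines as a failed handshake cryptographic operation, including a signature that could not be verified.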