search

martin-riedl / CALexa

CALexa is an Amazon Alexa Skill which allows accessing CalDAV Calendars. It makes use of the Flask-Ask Python micro-framework developed by John Wheeler.
Apache License 2.0
34 stars 10 forks source link

Problems with the self-signed X.509 cert #3

Open ndom91 opened 6 years ago

ndom91 commented 6 years ago

So I decided to go the self hosted X.509 route. Everything worked well so far. Until I tested the skill and I get the following error on my server:

$(jobs:0)-(9 files, 56Kb)-> python src/calexa.py 
 * Running on http://0.0.0.0:5000/ (Press CTRL+C to quit)
[2018-03-21 23:34:25,118] ERROR in app: Exception on / [POST]
Traceback (most recent call last):
  File "/home/ndo/.local/lib/python2.7/site-packages/flask/app.py", line 1982, in wsgi_app
    response = self.full_dispatch_request()
  File "/home/ndo/.local/lib/python2.7/site-packages/flask/app.py", line 1614, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/home/ndo/.local/lib/python2.7/site-packages/flask/app.py", line 1517, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/home/ndo/.local/lib/python2.7/site-packages/flask/app.py", line 1612, in full_dispatch_request
    rv = self.dispatch_request()
  File "/home/ndo/.local/lib/python2.7/site-packages/flask/app.py", line 1598, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/home/ndo/.local/lib/python2.7/site-packages/flask_ask/core.py", line 728, in _flask_view_func
    ask_payload = self._alexa_request(verify=self.ask_verify_requests)
  File "/home/ndo/.local/lib/python2.7/site-packages/flask_ask/core.py", line 662, in _alexa_request
    cert = verifier.load_certificate(cert_url)
  File "/home/ndo/.local/lib/python2.7/site-packages/flask_ask/verifier.py", line 21, in load_certificate
    if not _valid_certificate(cert):
  File "/home/ndo/.local/lib/python2.7/site-packages/flask_ask/verifier.py", line 63, in _valid_certificate
    value = str(extension)
  File "/home/ndo/.local/lib/python2.7/site-packages/OpenSSL/crypto.py", line 779, in __str__
    return self._subjectAltNameString()
  File "/home/ndo/.local/lib/python2.7/site-packages/OpenSSL/crypto.py", line 740, in _subjectAltNameString
    method = _lib.X509V3_EXT_get(self._extension)
AttributeError: 'module' object has no attribute 'X509V3_EXT_get'
127.0.0.1 - - [21/Mar/2018 23:34:25] "POST / HTTP/1.1" 500 -

On the alexa skills test page I get the following error:

There was an error calling the remote endpoint, which returned HTTP 500 : INTERNAL SERVER ERROR

I made the self signed cert 1:1 following Amazons directions from their page here:

https://developer.amazon.com/docs/custom-skills/test-a-custom-skill.html#create-a-private-key-and-self-signed-certificate-for-testing

Also I'm not using nginx, but apache. My config looks like this:

<VirtualHost *:80>

        ServerName calexa.abcxyz.xyz

        Redirect / https://calexa.abcxyz.xyz

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>
<VirtualHost *:443>

        ServerName calexa.abcxyz.xyz

        LimitRequestBody 0

        SSLEngine On
        SSLProxyEngine On

        <Proxy *>
        Order deny,allow
        Allow from all
        </Proxy>

        ProxyRequests Off
        ProxyPreserveHost On

        ProxyPass / http://localhost:5000
        ProxyPassReverse / http://localhost:5000

        SSLCertificateFile /home/ndo/CALexa/certificate1.pem
        SSLCertificateKeyFile /home/ndo/CALexa/private-key.pem

</VirtualHost>

I think that about covers all the info.

Anyone have any idea whats going on here?

Config looks perfectly fine to me..

jacky826 commented 6 years ago

you can refer to https://stackoverflow.com/questions/49375054/alexa-skill-development-using-flask-ask-and-ngrok