Issue With https (SSL), LetsEncrypt.

[rhodwulf]

Hi, i have a server centos 7 with plesk panel.

I have problems to see kiwiirc on https://example.com:7779.:

I've seen it at https://github.com/prawnsalad/KiwiIRC/issues/895 a possible solution, which is the following

server {
   listen 443;
   server_name kiwi.example.com;
   ssl on;
   ssl_protocols TLSv1.2;
   ssl_certificate /etc/letsencrypt/live/kiwi.example.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/kiwi.example.com/privkey.pem;
   location / {
   proxy_pass http://localhost:7778/kiwi/;
   }
}

Or

ssl_key: "/etc/letsencrypt/live/yourdomain.com/privkey.pem",
ssl_cert: "/etc/letsencrypt/live/yourdomain.com/cert.pem",
ssl_ca: "/etc/letsencrypt/live/yourdomain.com/chain.pem"

But on my server those files are in: /usr/local/psa/var/modules/letsencrypt/etc/liveexample.com

Then my configuration is:

 Example SSL server block
conf.servers.push({
    port:     7777,
    address: "0.0.0.0",

    ssl:   true,
    ssl_key: "/usr/local/psa/var/modules/letsencrypt/etc/live/example.com/server.key",
    ssl_cert: "/usr/local/psa/var/modules/letsencrypt/etc/live/example.com/cert.pem",
     ssl_ca: "/usr/local/psa/var/modules/letsencrypt/etc/live/example.com/chain.pem"
});

But the page is left blank loading and from there it does not pass.

[spencerthayer]

This resolved?

[prawnsalad]

Is this still an issue @rhodwulf? Many others have been using LE certs for some time so it should be fine.

[rhodwulf]

Is this still an issue @rhodwulf? Many others have been using LE certs for some time so it should be fine.

Hello @prawnsalad , thanks for answering. I still have the problem, and I could not solve it. I have the configuration described above and when trying to access, it simply remains loading a blank page and does not load. I have chosen to leave it alone with access to the site without SSL.

I wonder if it will have affected that in the first installation, i tried to create an SSL certificate as described in the page KiwiIRC https://kiwiirc.com/docs/installing with the commands:

openssl genrsa -out server.key
openssl req -new -key server.key -out csr.pem
openssl x509 -req -days 9999 -in csr.pem -signkey server.key -out cert.pem
rm csr.pem

Well, I really appreciate your help, i hope you can support me to solve it. Greetings.

[jryberg]

Do the user running KiwiIRC have read access to the certificates?

Also, I think I had the exact similar problem regarding spdy but this might be different.

What does your kiwiirc.log say directly after you try to access the web page?

[rhodwulf]

Hi @jryberg ,thanks for answer

Do the user running KiwiIRC have read access to the certificates?

Yes, I run it with root user.

Also, I think I had the exact similar problem regarding spdy but this might be different.

What does your kiwiirc.log say directly after you try to access the web page?

In the kiwi log, i have this:

2017-09-14 19:11:06 - info: Listening on (ip edited  for privacy)0.0.0.0:7779 with SSL
2017-09-14 19:11:29 - error: [Uncaught exception] Error: Table size bigger than maximum stack=Error: Table size bigger than maximum
    at assert (/home/user/KiwiIRC/node_modules/hpack.js/lib/hpack/utils.js:3:11)
    at Table.updateSize (/home/user/KiwiIRC/node_modules/hpack.js/lib/hpack/table.js:82:3)
    at Decompressor.updateTableSize (/home/user/KiwiIRC/node_modules/hpack.js/lib/hpack/decompressor.js:58:15)
    at Connection._handleSettings (/home/user/KiwiIRC/node_modules/spdy-transport/lib/spdy-transport/connection.js:465:27)
    at Connection._handleFrame (/home/user/KiwiIRC/node_modules/spdy-transport/lib/spdy-transport/connection.js:301:10)
    at Parser.<anonymous> (/home/user/KiwiIRC/node_modules/spdy-transport/lib/spdy-transport/connection.js:149:10)
    at emitOne (events.js:96:13)
    at Parser.emit (events.js:191:7)
    at readableAddChunk (/home/user/KiwiIRC/node_modules/readable-stream/lib/_stream_readable.js:212:18)
    at Parser.Readable.push (/home/user/KiwiIRC/node_modules/readable-stream/lib/_stream_readable.js:171:10)

[rhodwulf]

Hi @jryberg

Also, I think I had the exact similar problem regarding spdy but this might be different. I was struck by what you said.

So I started looking for it, and in effect, I think I have a spdy problem, I do not deal with the problem since I updated NPM and ran NPM INSTALL again and the problem persists, but I I have noticed that it is only in Chrome and Opera browsers, In firefox (PC) works fine, Firefox (Android) does not work.

How can I update NPM spdy? Will that be the problem why it is not loaded in Chrome or Opera ?.

Thank you.

[rhodwulf]

Hi @jryberg i solved !!!

I finally solved it by updating SPDY.

Update NPM by installing a utility, with the following command

# npm i -g npm-upgrade

Then type # npm-upgrade

It will give you a list of what you want to update, it will only prepare the necessary files to update to NPM.

[root @ mydomain KiwiIRC] # npm-upgrade
Checking the obsolete dependencies of "/home/user/KiwiIRC/package.json" ...

New versions of active modules available:

engine.io ^ 1.5.4 → ^ 3.1.1
es6-promesa ^ 3.0.2 → ^ 4.1.1
eventemitter2 0,4,14 → 4,1
iconv-lite 0.4.11 → 0.4.19
ipaddr.js ^ 1.0.3 → ^ 1.5.2
lodash ^ 3.10.1 → ^ 4.17.4
negotiator ^ 0.5.3 → ^ 0.6.1
node-static ^ 0.7.7 → ^ 0.7.10
po2json ^ 0.4.1 → ^ 0.4.5
spdy ^ 2.0.5 → ^ 3.4.7
uglify-js ^ 2.4.24 → ^ 3.1.0
winston ^ 1.0.1 → ^ 2.3.1

? Update "engine.io" in package.json from ^ 1.5.4 to ^ 3.1.1? Do not

? Update "es6-promise" in package.json from ^ 3.0.2 to ^ 4.1.1? Do not

? Update "eventemitter2" in package.json from 0.4.14 to 4.1.2? Do not

? Update "iconv-lite" in package.json from 0.4.11 to 0.4.19? Do not

? Update "ipaddr.js" in package.json from ^ 1.0.3 to ^ 1.5.2? Do not

? Update "lodash" in package.json from ^ 3.10.1 to ^ 4.17.4? Do not

? Update "negotiator" in package.json from ^ 0.5.3 to ^ 0.6.1? Do not

? Update "node-static" in package.json from ^ 0.7.7 to ^ 0.7.10? Do not

? Update "po2json" in package.json from ^ 0.4.1 to ^ 0.4.5? Do not

? Update "spdy" in package.json from ^ 2.0.5 to ^ 3.4.7? Yes <==Type Yes

? Update "uglify-js" in package.json from ^ 2.4.24 to ^ 3.1.0? Do not

? Update "winston" in package.json from ^ 1.0.1 to ^ 2.3.1? Do not

New package.json:

{
"name": "kiwiirc",
"version": "0.9.4",
"description": "A handmade webirc client",
"home page": "https://www.kiwiirc.com/",
"license": "AGPL-3.0",
"preferGlobal": "true",
"bin": {
"kiwiirc": "./kiwi"
},
"man": "./man/kiwiirc.1",
"repository": {
"type": "git",
"url": "https://github.com/prawnsalad/KiwiIRC.git"
},
"dependencies": {
"daemonize2": "0.4.2",
"engine.io": "^ 1.5.4",
"es6-promise": "^ 3.0.2",
"eventemitter2": "0.4.14",
"iconv-lite": "0.4.11",
"ipaddr.js": "^ 1.0.3",
"lodash": "^ 3.10.1",
"negotiator": "^ 0.5.3",
"node-static": "^ 0.7.7",
"po2json": "^ 0.4.1",
"socksjs": "^ 0.5.0",
"spdy": "^ 3.4.7",
"uglify-js": "^ 2.4.24",
"winston": "^ 1.0.1"
},
"engines": {
"node": "> = 0.10"
}
}

? Update package.json? Yes

Then type the command

# npm update

And SPDY will be updated:

[root @ mydomain KiwiIRC] # npm update kiwiirc@0.9.4 / home / ircadmin / KiwiIRC └── spdy@3.4.7

Then they type

# npm restart

And finally

# ./kiwi stop
# ./kiwi build
# ./kiwi start

[root @ mydomain KiwiIRC] # ./kiwi start
Starting kiwiirc daemon ...
kiwiirc daemon started. PID: 0000

Happy chat XD: D

@jryberg Thanks to your comment, it led me to the right path.

[rhodwulf]

Ok, I close this issue, I was waiting for another comment, but I think it's enough.