cannot start an SSL server

When I try to start server I get:

`

CommandBox:ContentBox> lucee.commons.cli.CommandException: ---------------------

Hi Francesco, I’ve pinged Denny to see if he can chime in here. I’ve never used custom certs for the SSL stuff, but he helped write this part of the code.

Thanks!

~Brad

ColdBox Platform Evangelist
Ortus Solutions, Corp

E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com

The key needs to be in DER (PKS#8) format.

Something like this for converting it:

openssl x509 -in priv.pem -out priv.der -outform DER

theoretically, should get you going.

-Denny

If that does work, I’d love any pulls to the embedded help command OR the CommandBox docs to help clarify that.

Thanks!

~Brad

ColdBox Platform Evangelist
Ortus Solutions, Corp

E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com

Hi guys,

I’ve tried without success. Denny if it’s possible could you share more details about certificate creation?

I’d like to know:

  1. the certificate format, should be in DER format?
  2. the private key should be PEM format?
  3. what algorithm we should use? any?
  4. could you please tell us how the openssl command to create certificate? This should be also added to docs.
    Thanks for your help!

It's been a bit, but if I recall correctly, I set it up to work the same
way Apache HTTPD works... this is what the help from runwar says:

-sslcert,--ssl-cert <certificate>
SSL certificate file in x509 (PKS#12) format.

-sslkey,--ssl-key <key>
SSL private key file in DER (PKS#8) format.

If I get some time later today I'll add a test to verify-- maybe I only
tested the built-in self-signed cert or something, or broke the default
impl when I did the default self-signed cert stuff...

"stranger things..." =]

-Den

I have tried with

`

“SSL”:{
“enable”:true,
“port”:443,
“cert”:“E:/OpenSSL/test.cert”,
“key”:“E:/OpenSSL/test.der”,
“keyPass”:""
}

`

The server start without errors, however if I try to access https://127.0.0.1:60480/ I get an ERR_SSL_PROTOCOL_ERROR

Is there something that I could check?