Opened 7 years ago

Closed 7 years ago

#1475 closed defect (invalid)

SSL routines:ssl3_get_record:wrong version number)

Reported by: alirezaimi@… Owned by:
Priority: minor Milestone:
Component: other Version: 1.10.x
Keywords: Cc:
uname -a: Linux sp2lnx1 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.10.3

Description

Hi
I having trouble with this error and i doubt that this error back to nginx or python what !

https://github.com/python-telegram-bot/python-telegram-bot/issues/989

when i was use webhook method with nginx reverse proxy ability with self-signed cert according to this article (https://github.com/python-telegram-bot/python-telegram-bot/wiki/Webhooks), i have this error :

$ tail -f /var/log/nginx/error.log
when run bot python script :
*1 SSL_do_handshake() failed (SSL: error:14:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to u, client: YYY.YYY.YYY.YYY, server: 192.168.100.250, request: "POST /XXXXXXX:XXXXXXX-XXY HTTP/1.1", upstream: "https://127.0.0.1:5661/23:XXXXXXX:XXXXXXX-XXY", host: "XXX.XXX.XXX.XXX"

when not run python script :
2018/01/26 11:03:57 [error] 18426#18426: *3287 connect() failed (111: Connection ref) while connecting to upstream, client: YYY.YYY.YYY.YYY, server: 192.168.100.250 request: "POST /XXXXXXX:XXXXXXX-XXY HTTP/1.1", upstream:https://127.0.0.1:5661/XXXXXXX:XXXXXXX-XXY", host: "XXX.XXX.XXX.XXX"

this is my nginx configuration :

server { listen 8443 ssl; server_name 192.168.100.250; ssl_certificate /home/aaa/TelBot/cert.pem; ssl_certificate_key /home/aaa/TelBot/private.key; location /XXXXXXX:XXXXXXX-XXY { proxy_pass https://127.0.0.1:5661; } }

and i run my app with :
updater.start_webhook(listen='127.0.0.1', port=5661, url_path='/XXXXXXX:XXXXXXX-XXY')

when i use nginx as my reverse proxy server this error happened and when i do not use it and directly run script everything is fine !

root@sp2lnx1:/# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 9.3 (stretch)
Release: 9.3
Codename: stretch

python 3.5.3
$ nginx -v : nginx version: nginx/1.10.3
$ uname -a : Linux sp2lnx1 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64 GNU/Linux

$ python3 -m telegram
python-telegram-bot 9.0.0
certifi 2018.01.18
future 0.16.0
Python 3.5.3 (default, Jan 19 2017, 14:11:04) [GCC 6.3.0 20170118]

Change History (3)

comment:1 by Maxim Dounin, 7 years ago

The error message suggests that the backend does not handle SSL connections correctly. Are there any reasons to assume it does, and there is something wrong on nginx side?

in reply to:  description comment:2 by alirezaimi@…, 7 years ago

Thanks for your support, please close this issue because solve it buy plugin team .

comment:3 by Sergey Kandaurov, 7 years ago

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.