SSL Error using virtualmin api

neill · January 25, 2023, 7:34am

SYSTEM INFORMATION
OS type and version	Ubuntu 22.04.1
Webmin version	2.013
Virtualmin version	7.50pro

When trying to access the remote api via either curl or python’s request library I get an SSL error.

In python:

    url = f"https://{args.server}:10000/virtual-server/remote.cgi?program=list-domains"
    resp = requests.get(url,auth=(args.user, args.password))

results in

ssl.SSLError: ("read error: Error([('SSL routines', '', 'unexpected eof while reading')])",)

From wget:

wget --http-user root --http-passwd='<redacted>' 'https://<redacted>:10000/virtual-server/remote.cgi?program=list-domains'

results in a loop of:

2023-01-25 18:29:54 (31.8 KB/s) - Read error at byte 3214 (The TLS connection was non-properly terminated.).Retrying.

wget does return output, but the SSL exception means I can’t access the response body in python.

Any suggestions as to how to fix this?

neill · January 25, 2023, 9:41pm

Further information - the ssl certificate is from letsencrypt and is valid.

suther · January 26, 2023, 10:29am

Not a full solution, but a workaround, if you just need to use / test the API urgently, and want to look later on for the SSL issue:

You can use wget with skipping ssl-check with parameter: --no-check-certificate

neill · January 27, 2023, 6:01am

The SSL cert is valid, and the error occurs even if validation is turned off.

For now I’m just tunneling over ssh and running the cli.

neill · February 8, 2023, 12:19am

Still have this issue, is there another way I should be asking for support?

stefan1959 · February 8, 2023, 3:00am

I asked chagpt. curl it suggest. (on your first example)
curl -k -u admin:password https://hostname:10000/virtual-server/remote.cgi?program=list-domains
for python is suggests, , using the requests library:

import requests

url = “https://hostname:10000/virtual-server/remote.cgi?program=list-domains”

headers = {
‘Authorization’: ‘Basic ’ + b64encode(b’admin:password’).decode(“utf-8”)
}

response = requests.get(url, headers=headers, verify=False)

print(response.content)

toreskev · February 8, 2023, 4:34am

Since you’re on Pro, let’s tag @staff

Jamie · February 8, 2023, 5:10am

Does anything get logged to /var/webmin/miniserv.error when you get this SSL error from wget ?

GENLTD · February 8, 2023, 10:40am

This is a known bug with openssl (see their git #18866 for more info). The solution (if it can be called that) is to pass “SSL_OP_IGNORE_UNEXPECTED_EOF” to openssl, which bypasses the error since the actual request works ok (in my case anyway).

If you’re using PHP’s curl, then you’re stuffed because there’s no way to pass it to openssl, so the option (for me) was to switch to Pear’s HTTP/Request2 which still bleats but carries on regardless.

There will no doubt be a fix in the pipes but for now this is what ya got.

system · April 9, 2023, 10:41am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.