the fast, reliable localhost tunneling solution


Loading ressource page link with https failed

By ANGELI 2016-07-31, 20:33

Issue

On my Nextcloud site using Pagekyte with TLS encryption I face a problem that make it unusable : during the loading of the main page many (but not all) related resources (.js .css ...) failed to load, making the service unavailable.

My site use TLS encryption between the PageKite BE and the webserver

service_on = https:@kitename : localhost:443 : @kitesecret
service_on = https:cloud.MyDomainName.me : localhost:443 : @kitesecret

Nevertheless open link resources one by one work (eg clicking https://cloud.MyDomainName.me/core/vendor/backbone/backbone.js...).

Acceding with the local network or setting the site myDomainName in /etc/hosts work too.
Same behavior with @kitename and cloud.MyDomainName.me.

The problem occurs regularly especially after ''Restarting my kite '', many times things gone right by themselves after several minutes and I can navigate on my site flawlessly (for some hours) ; others times the problem persists :-( .

''Remark'' : similar issue have been reported by Dayan on page kite wiki or [Nextcloud wiki] ( https://help.nextcloud.com/t/nextcloud-and-pagekite-reverse-proxy-compatibility-issues/1284/2)

Remark the Nextcloud login page a bunch of resources to load

For this page the Chrome Console showed the following networks error

``` Navigated to https://cloud.MyDomainName.me/ GET https://cloud.MyDomainName.me/core/vendor/jquery/jquery.min.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_CONTENT_LENGTH_MISMATCH Uncaught ReferenceError: jQuery is not defined GET https://cloud.MyDomainName.me/core/vendor/bootstrap/js/tooltip.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/vendor/backbone/backbone.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/vendor/es6-promise/dist/es6-promise.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/vendor/davclient.js/lib/client.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/js/placeholders.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/js/compatibility.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/js/jquery.ocdialog.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/js/oc-dialogs.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/js/js.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/js/l10n.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/l10n/fr.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT GET https://cloud.MyDomainName.me/core/js/octemplate.js?v=8f0e8d73c26951bac7632585e3d0ecae net::ERR_BAD_SSL_CLIENT_AUTH_CERT

```

Chrome::/internal-network showed the above informations for ERR_BAD_SSL_CLIENT_AUTH_CERT error.

``` 124942: URL_REQUEST https://cloud.MyDomainName.me/core/js/js.js?v=8f0e8d73c26951bac7632585e3d0ecae Start Time: 2016-07-31 20:10:39.438

t= 5106 [st=   0] +REQUEST_ALIVE  [dt=5210]
t= 5106 [st=   0]    URL_REQUEST_DELEGATE  [dt=0]
t= 5106 [st=   0]   +URL_REQUEST_START_JOB  [dt=5210]
                       --> load_flags = 33025 (MAYBE_USER_GESTURE | VALIDATE_CACHE |                      VERIFY_EV_CERT)
                     --> method = "GET"
                     --> priority = "LOW"
                     --> url = "https://cloud.MyDomainName.me/core/js/js.js?v=8f0e8d73c26951bac7632585e3d0ecae"
t= 5106 [st=   0]      URL_REQUEST_DELEGATE  [dt=0]
t= 5107 [st=   1]      HTTP_CACHE_GET_BACKEND  [dt=0]
t= 5107 [st=   1]      HTTP_CACHE_OPEN_ENTRY  [dt=195]
                   --> net_error = -2 (ERR_FAILED)
t= 5302 [st= 196]      HTTP_CACHE_CREATE_ENTRY  [dt=193]
t= 5495 [st= 389]      HTTP_CACHE_ADD_TO_ENTRY  [dt=0]
t= 5495 [st= 389]      URL_REQUEST_DELEGATE  [dt=0]
t= 5495 [st= 389]     +HTTP_STREAM_REQUEST  [dt=4821]
t= 5495 [st= 389]        HTTP_STREAM_REQUEST_STARTED_JOB
                     --> source_dependency = 125117 (HTTP_STREAM_JOB)
t=10316 [st=5210]        HTTP_STREAM_REQUEST_BOUND_TO_JOB
                     --> source_dependency = 125117 (HTTP_STREAM_JOB)
t=10316 [st=5210]     -HTTP_STREAM_REQUEST
t=10316 [st=5210]   -URL_REQUEST_START_JOB
                 --> net_error = -117 (ERR_BAD_SSL_CLIENT_AUTH_CERT)
t=10316 [st=5210]    URL_REQUEST_DELEGATE  [dt=0]
t=10316 [st=5210] -REQUEST_ALIVE
               --> net_error = -117 (ERR_BAD_SSL_CLIENT_AUTH_CERT)

```

! Context

  • Nextcloud on ubuntu 16.4.1
  • Pagekite v0.5.8e.

I have my own domaine name and a let's encrypt certifcate.

I followed the howtos for declaring CNAME and setting TLS encryption.

service_on = https:@kitename : localhost:443 : @kitesecret service_on = https:cloud.MyDomainName.me : localhost:443 : @kitesecret

Pagekyte informations

```

nextcloud@nextcloud1:~$ sudo pagekite --clean --optdir=/etc/pagekite.d
>>> Hello! This is pagekite v0.5.8e.                            [CTRL+C = Stop]
     Connecting to front-end 88.198.198.93:443 ...                              
     - Protocols: http http2 http3 https websocket irc finger httpfinger raw   
     - Protocols: minecraft                                                    
     - Ports: 79 80 443 843 2222 3000 4545 5222 5223 5269 5670 6667 8000 8080  
     - Ports: 8081 9292 25565                                                  
     - Raw ports: 22 virtual                                                   
...
    Connecting to front-end 178.79.140.143:443 ...                             
~ Flying localhost:443 as https://MyDomainName.xxx.pagekite.me/                
~ Flying localhost:443 as https://cloud.MyDomainName.me/                          
    82.244.136.142 < https://cloud.MyDomainName.me:443 (localhost:443)              
.....          
    82.244.136.142 < https://cloud.MyDomainName.me:443 (localhost:443)              
    Connecting to front-end 178.79.140.143:443 ...                             
     - Protocols: http http2 http3 https websocket irc finger httpfinger raw   
     - Protocols: minecraft                                                    
     - Ports: 79 80 443 843 2222 3000 4545 5222 5223 5269 5670 6667 8000 8080  
     - Ports: 8081 9292 25565                                                  
     - Raw ports: 22 virtual                                                   
~ Flying localhost:443 as https://MyDomainName.xxx.pagekite.me/                
~ Flying localhost:443 as https://cloud.MyDomainName.me/                          
    Connecting to front-end 88.198.198.93:443 ...                              
...
 << pagekite.py [flying]   Kites are flying and all is well.

```

Comments

  1. ANGELI said on 2016-08-02, 20:20
    From my first post i made more investigations.

    I configure §HTTP access to my Nextcloud, acceding through pagekite (service_on = http:test-@kitename : localhost:80 : @kitesecret) **the same problem happen**

    GET https://xxxxxx.pagekite.me/nextcloud/...
    GET https://xxxxxx.pagekite.me/nextcloud/...
    GET https://xxxxxx.pagekite.me/core/img/l... 503 (Unavailable)
    GET https://xxxxxx.pagekite.me/nextcloud/... 503 (Unavailable)
    GET https://xxxxxx.pagekite.me/nextcloud/... 503 (Unavailable)

    From the browser view there is an **503 error** instead of an **ERR_BAD_SSL_CLIENT_AUTH_CERT GET**

    These problem has occured on virtual Box with a VM ubuntu 16.4.1 and
    Pagekite v0.5.8e.

    I had another VM Ubuntu 14.04.2 LTS and I installed the same Nextcloud version (copying the files the config and the data base). I Installed Pagekite v0.5.8e from the Ubuntu depot.

    **Then making the same tests and the result was that everything work fine : ** the related resources (js...) were loaded normaly even if my adsl network is slow.

    So I suggest that the issue would be requalified in **problem with pagekite 0.5.8e on Ubuntu 16.4.1**

    Comparing dependency (apt-rdepend) show difference between 16.4.1 and 14.04.2.
    Permalink
  2. ANGELI said on 2016-08-08, 19:34
    Finally I created an isolated Python environment on the defective 16.4.1 server :

    #sudo virtualenv /opt/python/some_directory

    Then I linked then pagekite executable to this envionment path :
    root@nextcloud:~# head /usr/bin/pagekite
    #!/opt/python/some_directory/bin/python2
    # ...

    And all work fine :-)

    So the problem appears to be a bad python installation.


    Now I run Nextcloud with a CNAME and a certificate.


    Hope that helps.

    Regards.
    Permalink

Leave a comment

( (Please leave these blank: )

We use Gravatar for commenter's photos. Get your own, it's free!