SSL 链证书:PEM_read_bio:no 开始行
SSL Chain certificate: PEM_read_bio:no start line
如何配置 Jupyterhub 以使用链证书?我有来自 Entrust 的证书:
my_name.txt
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Entrust_Root.txt
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Entrust_L1Kroot.txt
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
当我尝试启动 Jupyterhub 时出现以下错误:
crypto.js:131
c.context.setKey(options.key);
^
Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
at Object.exports.createCredentials (crypto.js:131:17)
at Server (tls.js:1128:28)
at new Server (https.js:35:14)
at Object.exports.createServer (https.js:54:10)
at new ConfigurableProxy (/usr/lib/node_modules/configurable-http-proxy/lib/configproxy.js:158:35)
at Object. (/usr/lib/node_modules/configurable-http-proxy/bin/configurable-http-proxy:171:13)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
[C 2016-05-13 15:44:24.633 JupyterHub app:1119] Failed to start proxy
Traceback (most recent call last):
File "/usr/local/lib/python3.5/site-packages/jupyterhub/app.py", line 1117, in start
yield self.start_proxy()
File "/usr/local/lib/python3.5/site-packages/jupyterhub/app.py", line 881, in start_proxy
_check()
File "/usr/local/lib/python3.5/site-packages/jupyterhub/app.py", line 877, in _check
raise e
RuntimeError: Proxy failed to start with exit code 8
我的配置文件:
c.JupyterHub.ssl_cert = u'/path/to/Entrust_L1Kroot.txt'
c.JupyterHub.ssl_key = u'/path/to/my_name.txt'
我尝试了对 ssl_cert 和 ssl_key 的其他分配,但它们没有更有效。
要准备完整的证书链,您需要将它们全部连接到一个文件中:
cat your_name.txt Entrust_L1Kroot.txt Entrust_Root.txt > your_name-chained.crt
然后配置JupyterHUB:
c.JupyterHub.ssl_cert = '/path/to/your_name-chained.crt'
c.JupyterHub.ssl_key = '/path/to/my_name.key'
您可以生成您的
- self-signed jupyterhub 的 SSL 证书,例如
- 如果您使用本地主机(或没有真实域)
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout jupyterhub.key -out jupyterhub.crt
如何配置 Jupyterhub 以使用链证书?我有来自 Entrust 的证书:
my_name.txt
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Entrust_Root.txt
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
Entrust_L1Kroot.txt
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
当我尝试启动 Jupyterhub 时出现以下错误:
crypto.js:131
c.context.setKey(options.key);
^
Error: error:0906D06C:PEM routines:PEM_read_bio:no start line
at Object.exports.createCredentials (crypto.js:131:17)
at Server (tls.js:1128:28)
at new Server (https.js:35:14)
at Object.exports.createServer (https.js:54:10)
at new ConfigurableProxy (/usr/lib/node_modules/configurable-http-proxy/lib/configproxy.js:158:35)
at Object. (/usr/lib/node_modules/configurable-http-proxy/bin/configurable-http-proxy:171:13)
at Module._compile (module.js:456:26)
at Object.Module._extensions..js (module.js:474:10)
at Module.load (module.js:356:32)
at Function.Module._load (module.js:312:12)
[C 2016-05-13 15:44:24.633 JupyterHub app:1119] Failed to start proxy
Traceback (most recent call last):
File "/usr/local/lib/python3.5/site-packages/jupyterhub/app.py", line 1117, in start
yield self.start_proxy()
File "/usr/local/lib/python3.5/site-packages/jupyterhub/app.py", line 881, in start_proxy
_check()
File "/usr/local/lib/python3.5/site-packages/jupyterhub/app.py", line 877, in _check
raise e
RuntimeError: Proxy failed to start with exit code 8
我的配置文件:
c.JupyterHub.ssl_cert = u'/path/to/Entrust_L1Kroot.txt'
c.JupyterHub.ssl_key = u'/path/to/my_name.txt'
我尝试了对 ssl_cert 和 ssl_key 的其他分配,但它们没有更有效。
要准备完整的证书链,您需要将它们全部连接到一个文件中:
cat your_name.txt Entrust_L1Kroot.txt Entrust_Root.txt > your_name-chained.crt
然后配置JupyterHUB:
c.JupyterHub.ssl_cert = '/path/to/your_name-chained.crt'
c.JupyterHub.ssl_key = '/path/to/my_name.key'
您可以生成您的 - self-signed jupyterhub 的 SSL 证书,例如 - 如果您使用本地主机(或没有真实域)
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout jupyterhub.key -out jupyterhub.crt