Re: [Mailman-Developers] Re: SSL error while connecting to hyperkitty
On Sat, Aug 31, 2019, at 10:20 AM, sandeep kumar wrote:
Hi Abhilash
Thanks for the reply.
Just two more answers please -:)
Can I use the sample apache.conf in example_project in my webserver virtual host...??
See this thread for the apache configuration:
https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/H...
You'd need to adjust the paths and SSL configuration.
And what should be the configuration details to be given in uwsgi server...??
http://docs.mailman3.org/en/latest/prodsetup.html#setting-up-a-wsgi-server
Regards Sandeep
On Sat, Aug 31, 2019 at 10:25 PM Abhilash Raj <maxking@asynchronous.in> wrote:
__ On Sat, Aug 31, 2019, at 8:49 AM, sandeep kumar wrote:
Hi Abhilash
Thanks for your reply. -:)
We are using apache httpd as webserver to redirect.
the proxy pass in webserver is
ProxyPass / http://localhost:8000 ReverseProxyPass / http://localhost:8000
Can you put
base_url: http://localhost:8000/hyperkittyin your mailman-hyperkitty.cfg and see that it works? :)This should not try any funny SSL redirection.
I don't have idea of deploying this in production, so I just went on searching and I found wsgi (say uwsgi) is required to send the requests from webserver to mailman. Correct me if I am wrong.
I have few queries listed below. Please reply to them.
Should I use the wsgi.py present in the directory of mailman-suite ...??
Yes, that is the one which is supposed to be used.
What should be the ProxyPass ..?? Where should the first hit go from webserver ---> uwsgi ---> ??
uwsgi is web server running Mailman's web componenet. It doesn't need to hit anything. You can restart it directly when you want to restart Mailman's web component, you don't need to do anything to your web server (httpd) for this.
Can we run "python manage.py runserver" every time to start mailman suite..?? Can we make mailman-suite start/stop just by restarting the HTTPD..??
No, use a wsgi server, like uwsgi or gunicorn to run mailman-suote.
python manage.runserveris a command used during development shouldn't be used at all in prod.What should be the entry in Hyperkitty.cfg file after all the above steps..?? I mean at the end
Please reply to the above queries. Thanks for your help Regards Sandeep
On Sat, Aug 31, 2019 at 8:45 PM Abhilash Raj <maxking@asynchronous.in> wrote:
On Sat, Aug 31, 2019, at 1:36 AM, sandeep kumar wrote:
Hi Team
Iam seeing following errors while mailman is trying to archive in mailman.log
This is my base URL in mailman-hyperkitty.cfg
base_url: http://localhost/hyperkitty
Are you sure this is the URL? this is http and Mailman shouldn't try to connect to this using HTTPS.
Is your web server configured to redirect all HTTP traffic to HTTPS? If that is the case, then it is going to fail.
Which wsgi server are you using? uwsgi?
Can you also show your ProxyPass configuration?
*During handling of the above exception, another exception occurred:Traceback (most recent call last): File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/adapters.py", line 449, in send timeout=timeout File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/urllib3-1.24.1-py3.6.egg/urllib3/connectionpool.py", line 638, in urlopen _stacktrace=sys.exc_info()[2]) File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/urllib3-1.24.1-py3.6.egg/urllib3/util/retry.py", line 398, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause))urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='domain.com <http://domain.com>', port=443): Max retries exceeded with url: /hyperkitty/api/mailman/archive?key=SecretArchiverAPIKey (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:841)'),))During handling of the above exception, another exception occurred:Traceback (most recent call last): File "/var/lib/mailman/mailman-hyperkitty/mailman_hyperkitty/__init__.py", line 154, in _archive_message url = self._send_message(mlist, msg) File "/var/lib/mailman/mailman-hyperkitty/mailman_hyperkitty/__init__.py", line 201, in _send_message files={"message": ("message.txt", message_text)}) File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/api.py", line 116, in post return request('post', url, data=data, json=json, **kwargs) File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/api.py", line 60, in request return session.request(method=method, url=url, **kwargs) File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/sessions.py", line 533, in request resp = self.send(prep, **send_kwargs) File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/sessions.py", line 668, in send history = [resp for resp in gen] if allow_redirects else [] File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/sessions.py", line 668, in <listcomp> history = [resp for resp in gen] if allow_redirects else [] File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/sessions.py", line 247, in resolve_redirects **adapter_kwargs File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/sessions.py", line 646, in send r = adapter.send(request, **kwargs) File "/var/lib/mailman/venv3/lib64/python3.6/site-packages/requests-2.21.0-py3.6.egg/requests/adapters.py", line 514, in send raise SSLError(e, request=request)requests.exceptions.SSLError: HTTPSConnectionPool(host=domain.com <http://domain.com>', port=443): Max retries exceeded with url: /hyperkitty/api/mailman/archive?key=SecretArchiverAPIKey (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:841)'),))*
Rgrds Sandeep
On Sat, Aug 31, 2019 at 10:20 AM sandeep kumar <sandeep7790@gmail.com> wrote:
Team any help
Sent from my iPhone
> On 30-Aug-2019, at 11:18 PM, sandeep kumar <sandeep7790@gmail.com> wrote: > > Hi Team > > Iam using httpd to work with ssl on mailman 3 using proxy pass. > > After this configuration Iam not able to connect to hyperkitty. It is throwing ssl certificate error in mailman.log file. > > What should be the configuration of hyperkitty while using https in mailman..? > > Please help me with this Iam struck here from past 4 days > > Rgrds > Sandeep > > Sent from my iPhone
-- Regards Sandeep Kumar +91-9642669192
Mailman-Developers mailing list -- mailman-developers@python.org To unsubscribe send an email to mailman-developers-leave@python.org https://mail.python.org/mailman3/lists/mailman-developers.python.org/ Mailman FAQ: https://wiki.list.org/x/AgA3
Security Policy: https://wiki.list.org/x/QIA9
-- thanks, Abhilash Raj (maxking)
-- Regards Sandeep Kumar +91-9642669192
-- thanks, Abhilash Raj (maxking)
-- Regards Sandeep Kumar +91-9642669192
-- thanks, Abhilash Raj (maxking)
Do you have new link for this http://docs.mailman3.org/en/latest/prodsetup.html#setting-up-a-wsgi-server currently not accessible.
On Wed, Nov 29, 2023 at 4:56 AM Mark Labeste <marqueejen13@gmail.com> wrote:
Do you have new link for this http://docs.mailman3.org/en/latest/prodsetup.html#setting-up-a-wsgi-server currently not accessible.
https://docs.list.org/en/latest/install/virtualenv.html#setting-up-a-wsgi-se...
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
On 11/28/23 20:50, Odhiambo Washington wrote:
On Wed, Nov 29, 2023 at 4:56 AM Mark Labeste <marqueejen13@gmail.com> wrote:
Do you have new link for this http://docs.mailman3.org/en/latest/prodsetup.html#setting-up-a-wsgi-server currently not accessible.
https://docs.list.org/en/latest/install/virtualenv.html#setting-up-a-wsgi-se...
Where did you find the link to <http://docs.mailman3.org/en/latest/prodsetup.html#setting-up-a-wsgi-server>? If it's somewhere in our docs or wiki, I want to fix it.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (4)
-
Abhilash Raj -
Mark Labeste -
Mark Sapiro -
Odhiambo Washington