Page 1 of 1
Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [asio
Posted: Wednesday 06 December 2023 21:11
by Robert28
Hi all,
after updating I got:
Code: Select all
Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [asio.ssl:76021773]
Error: WebServer(SSL) check if no other application is using port: 4443
No other application is listening on 4443...
Any advice how to solve this issue?
BR,
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Wednesday 06 December 2023 23:42
by waltervl
What did you do to enable ssl / https?
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 08 December 2023 10:30
by Robert28
Enabling it via the comman line options:
Code: Select all
./domoticz -www 8080 -sslwww 4443-sslcert /opt/domoticz/server_cert.pem
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 08 December 2023 12:51
by waltervl
And if you use default port 443 it works ?
Further I have no clue about using https so I hope somebody else has an idea to find the issue here.
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 08 December 2023 20:01
by Robert28
As expected when you are running Domoticz as a non-root user:
Code: Select all
Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 443: use_tmp_dh_file: ASN1 lib (PEM routines) [asio.ssl:76021773]
Error: WebServer(SSL) check privileges for opening ports below 1024
443 is a privileged port....
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 08 December 2023 20:43
by waltervl
So when running Domoticz as root with port 4443 will it work?
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 08 December 2023 20:48
by Robert28
Nope, 4443 is a unprivileged port, so being root or non-root is not a difference.
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 08 December 2023 21:06
by jvdz
Robert28 wrote: ↑Friday 08 December 2023 10:30
Enabling it via the comman line options:
Code: Select all
./domoticz -www 8080 -sslwww 4443-sslcert /opt/domoticz/server_cert.pem
You do have a space after 4443 as that doesn't show in this post?
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 08 December 2023 21:08
by Robert28
Oeps, yes I have...
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Thursday 14 December 2023 7:53
by mooninite
I am seeing the same exact error message.
Previously working environment:
Fedora 38 x86_64 - Boost 1.78 - Domoticz 2023.2
Broken environment:
Fedora 39 x86_64 - Boost 1.81 - Domoticz 2023.2
Workaround:
Set the '-ssldhparam' parameter to '/dev/null' and Domoticz will start the web service with SSL. Example: 'domoticz -www 0 -sslwww 8443 -sslcert /var/lib/domoticz/domoticz.pem -sslpass none -sslmethod tlsv12_server -ssloptions default_workarounds -ssldhparam /dev/null -approot /usr/share/domoticz -dbase /var/lib/domoticz/domoticz.db -userdata /var/lib/domoticz/ -loglevel 2'
I believe there was a change in Boost that Domoticz needs to update to be compatible with.
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 15 December 2023 8:37
by gizmocuz
@mooninite , do you know if something has changed on the boost site?
Are you using the default domoticz certificate with the DH params included?
What happens when you create a new certificate (also including the DH Params), or create a new certificate but keep the DH Params in a separate file?
Feel free to create a Github issue referencing this topic
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Friday 15 December 2023 19:05
by Robert28
Still an error:
Code: Select all
Error: [web:4443] missing SSL DH parameters from file /dev/null
But it works!
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Saturday 16 December 2023 8:32
by gizmocuz
I tested with Visual Studio 2022 with boost 1.84 and experience no issues.
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Sunday 31 December 2023 10:55
by gizmocuz
I have no issues on my production machines.
HTTPS working fine with the standard certificate
Re: Error: WebServer(SSL) startup failed on address 0.0.0.0 with port: 4443: use_tmp_dh_file: ASN1 lib (PEM routines) [a
Posted: Sunday 31 December 2023 15:06
by Robert28
Domoticz 2023.2 (build 15780) running on Fedora 39 X86_64 with boost 1.81 has still the issue...