douhanshu5517 2019-09-04 10:23
浏览 3333

来自xx.xx.xx.xx:14333的TLS握手错误:EOF

I am running a HTTPS server in Linux (RHEL 7). I am getting the below error as soon as I start the server.

2019/09/04 15:46:16 http: TLS handshake error from xx.xx.xx.xx:60206: EOF
2019/09/04 15:46:21 http: TLS handshake error from xx.xx.xx.xx:31824: EOF

This error is coming automatically and continuously in the terminal. Below is the go code for creating https server -

package main

import (
    "fmt"
    "net/http"

    "github.com/gin-gonic/gin"
)

func main() {
    fmt.Println("Starting webserver")

    router := gin.Default()
    router.GET("/", func(c *gin.Context) {
        c.JSON(http.StatusOK, gin.H{
            "success": true,
        })
    })

    router.RunTLS(":9001", "server.pem", "server.key")
}

We have purchased and combined the server certificate, intermidate certificate and root certificate into a single file to make the server.pem file.

As this error is coming continuously and in the terminal as soon as I start the server, I think there is some configuration problem in the VM?

Please suggest what are the things I can check here.

NOTE: This error is specific to the Go. I have tested on the same server on the same port with same certificates in Node JS. And it works fine. Also the IP in the error message is of the reverse proxy server (WAF) which is continuosly doing health monitoring of the web application server.

  • 写回答

1条回答 默认 最新

  • duanguane1670 2019-09-04 11:26
    关注

    I would attack the problem from two angles:

    1. What is this xx.xx.xx.xx address? I'd expect that when I start some random piece of software, there is nothing to connect to it all by itself, right?

    2. Is there anything special about that 9001 port? Try running nc -l -p 9001 and see whether those unidentified connections happen as well.

      Run tcpdump and see whether there is any incoming traffic from the clients making those connections: those EOFs (that's "end of file") reported by the TLS mchinery most probably mean those clients—whatever they are—close their side of the connection somewhere amidst the TLS handshake—while the server is expecting to read some data from them. This hints at that those clients do not actually expect to see TLS protocol in the connection they open; and they pretty much may send some plaintext in it, so you'll be able to peek at it.

    3. Googling for "9001 port" hints at that it's used for some "ETL service manager" protocol—whatever it is. This hints at that traffic on 9001 might be related to VoIP.

      I have no idea what to do with this, but it might give you some lead for further research.

    评论

报告相同问题?

悬赏问题

  • ¥15 矩阵加法的规则是两个矩阵中对应位置的数的绝对值进行加和
  • ¥15 活动选择题。最多可以参加几个项目?
  • ¥15 飞机曲面部件如机翼,壁板等具体的孔位模型
  • ¥15 vs2019中数据导出问题
  • ¥20 云服务Linux系统TCP-MSS值修改?
  • ¥20 关于#单片机#的问题:项目:使用模拟iic与ov2640通讯环境:F407问题:读取的ID号总是0xff,自己调了调发现在读从机数据时,SDA线上并未有信号变化(语言-c语言)
  • ¥20 怎么在stm32门禁成品上增加查询记录功能
  • ¥15 Source insight编写代码后使用CCS5.2版本import之后,代码跳到注释行里面
  • ¥50 NT4.0系统 STOP:0X0000007B
  • ¥15 想问一下stata17中这段代码哪里有问题呀