Version: 1.1.21rc1 CUPS.org User: egclubb.ucdavis
If I use directives "Port 631" and "SSLPort 443" in cupsd.conf, I can connect to the cups server over SSL with a web browser but no jobs or printers are displayed (only the static page elements show). Looking at the error log it appears that the cgi is trying to pass ssl encrypted data from port 443 to a non-ssl connection on localhost:631:
D [16/Jun/2004:12:27:29 -0700] AcceptClient: 6 from 169.237.147.106:443. D [16/Jun/2004:12:27:29 -0700] EncryptClient: 6 Connection from 169.237.147.106 now encrypted. D [16/Jun/2004:12:27:29 -0700] ReadClient: 6 GET /printers HTTP/1.1 D [16/Jun/2004:12:27:29 -0700] CGI /usr/lib/cups/cgi-bin/printers.cgi started - PID = 734 I [16/Jun/2004:12:27:29 -0700] Started "/usr/lib/cups/cgi-bin/printers.cgi" (pid =734) D [16/Jun/2004:12:27:29 -0700] SendCommand: 6 file=9 D [16/Jun/2004:12:27:29 -0700] AcceptClient: 7 from localhost:631. E [16/Jun/2004:12:27:29 -0700] Bad request line "<80><8C>^A^C^A" from localhost! D [16/Jun/2004:12:27:29 -0700] SendError: 7 code=400 (Bad Request) D [16/Jun/2004:12:27:29 -0700] CloseClient: 7 E [16/Jun/2004:12:27:29 -0700] [CGI] CUPS-Get-Printers request failed - server-e rror-internal-error (500)
Removing the "Port 631" directive and only listening on ssl port 443 allows the browser interface to work correctly, but prevents the command-line utilities (lpstat, etc) from working. Using only "SSLPort 631" and setting "Encryption Always" in client.conf seems to allow both the browser and command line utilities to work. The downside to this is that remote cups servers can't submit encrypted print jobs via the TLS option to the default IPP port. Using the "Listen" directive on eth0 at some other port is a workaround for this, but still a pain. What I want is the reverse -- to be able to submit print jobs to the IPP port ("Encryption Required" on server) and manage cups via with a browser on another SSL encrypted port.
该提问来源于开源项目:apple/cups
