Problem with self-signed certs

I am running version 0.9.0 on a Raspberry Pi. I am able to run the application and connect to it using an ESP8266 with a DHT-11 temperature sensor. No problems until I tried to install my own self-signed certs. I followed the link provided and created all of the necessary keys using the following commands:

openssl genrsa -out server.key 2048
openssl req -new -out server.csr -key server.key
openssl x509 -req -days 1825 -in server.csr -signkey server.key -out server.crt
openssl pkcs8 -topk8 -inform PEM -outform PEM -in server.key -out server.pem

I copied all of the files created above to the /home/pi/Blynk directory which also contains the “server-0.9.0.jar” file and the “server.properties” file. I added the following lines to the “server.properties” file:

server.ssl.cert=server.crt
server.ssl.key=server.pem
server.ssl.key.pass=

I have tried adding the full path as well as “./” before each filename. When I start the server I get the following lines in the “blynk.log” file:

10:43:51.621 INFO - Initializing mail transport. Username : example@gmail.com. SMTP host : smtp.gmail.com:587
10:43:57.165 INFO - Using data dir ‘/home/pi/Blynk’
10:44:03.263 ERROR - Error parsing file ‘/home/pi/Blynk/server.csr’.
10:44:03.264 ERROR - Error parsing file ‘/home/pi/Blynk/server.crt’.
10:44:03.269 ERROR - Error parsing file ‘/home/pi/Blynk/server.pem’.
10:44:03.271 ERROR - Error parsing file ‘/home/pi/Blynk/server.properties’.
10:44:03.275 ERROR - Error parsing file ‘/home/pi/Blynk/server-0.9.0.jar’.
10:44:03.282 ERROR - Error parsing file ‘/home/pi/Blynk/server.key’.
10:44:04.238 INFO - Plain tcp/ip hardware server port 8442.
10:44:15.250 INFO - SSL hardware port 8441.
10:44:15.317 INFO - Enabling SSL for application.
10:44:15.322 WARN - ATTENTION. Certificate /home/pi/Blynk/server.crt, key /home/pi/Blynk/server.pem, clietn cert /home/pi/Blynk paths not valid. Using embedded certs. This is not secure. Please replace it with your own certs.
10:44:21.076 INFO - Application server port 8443.
10:44:21.117 INFO - Administration server port 8777.

Any suggestions?

Dmitriy,

I didn’t add anything regarding the “client.*” properties. This is exactly what I have in the “server.properties” file:

self-signed cert locations

server.ssl.cert=/home/pi/Blynk/server.crt
server.ssl.key=/home/pi/Blynk/server.pem
server.ssl.key.pass=*******

Ok, I’ll check. Thanks for detailed explanation :wink:

@syrinxtech

Fixed in https://github.com/blynkkk/blynk-server/releases/tag/v0.9.1 please check it.

Dmitriy,

That appeared to work! Here are the log entries:

13:27:33.642 DEBUG - Reading user DB finished.
13:27:34.379 DEBUG - hard.socket.idle.timeout = 15
13:27:34.383 INFO - Plain tcp/ip hardware server port 8442.
13:27:45.434 INFO - SSL hardware port 8441.
13:27:45.497 INFO - Enabling SSL for application.
13:27:45.502 WARN - Found server certificates but no client certificate for ‘/home/pi/Blynk’ path. Using one way ssl.
13:27:45.691 DEBUG - app.socket.idle.timeout = 1800
13:27:45.697 INFO - Application server port 8443.
13:27:45.770 INFO - Administration server port 8777.

Thanks for your prompt attention. I really appreciate the effort.

1 Like