Socat openssl error 520

john_r_c · March 27, 2022, 3:03am

I’m doing tests and some experimentation…

I’m able to deploy a socat : bind a .sh to a port and combine it with openssl.

I can access via a browser. (or via curl https://myip:2096/ -k )

but when I try pointing my dns to my IP, I get error 520 from Cloudflare

socat -d -d -v -v OPENSSL-LISTEN:2096,crlf,reuseaddr,fork,verify=0,pf=ip4,cert=/usr/local/cloudflaressl/server.pem,key=/usr/local/cloudflaressl/server.key SYSTEM:/Users/jinto/Applications/socat/sotest.sh

I tried selfsigned .crt and .key
I tried generating a ssl from the web panel in Cloudflare

I hit the error 520 error.

Does anyone would know if I’m missing something ?

john_r_c · March 27, 2022, 1:26pm

I have this in the log

2022/03/26 23:20:36 socat[13791] N accepting connection from LEN=16 AF=2 108.162.241.51:12092 on LEN=16 AF=2 192.168.0.131:2096
2022/03/26 23:20:36 socat[13791] N forked off child process 15490
2022/03/26 23:20:36 socat[13791] N listening on LEN=16 AF=2 0.0.0.0:2096
2022/03/26 23:20:36 socat[15490] N no peer certificate and no check
2022/03/26 23:20:36 socat[15490] N SSL proto version used: TLSv1.3
2022/03/26 23:20:36 socat[15490] N SSL connection using TLS_AES_256_GCM_SHA384
2022/03/26 23:20:36 socat[15490] N SSL connection compression “none”
2022/03/26 23:20:36 socat[15490] N SSL connection expansion “none”
2022/03/26 23:20:36 socat[15490] N forking off child, using socket for reading and writing
2022/03/26 23:20:36 socat[15490] N forked off child process 15496
2022/03/26 23:20:36 socat[15490] N forked off child process 15496
2022/03/26 23:20:36 socat[15490] N starting data transfer loop with FDs [7,7] and [6,6]

2022/03/26 23:20:36.685394 length=336 from=0 to=335
GET / HTTP/1.1
Host: domain.com:2096
Connection: Keep-Alive
Accept-Encoding: gzip
CF-IPCountry: CA
X-Forwarded-For: …ip…
CF-RAY: sdads…-YYZ
X-Forwarded-Proto: https
CF-Visitor: {“scheme”:“https”}
User-Agent: Paw/3.3.6 (Macintosh; OS X/10.15.7) GCDHTTPRequest
CF-Connecting-IP: 107.171.241.80
CDN-Loop: Cloudflare

< 2022/03/26 23:20:36.695419 length=64 from=0 to=63
HTTP/1.1 200 OK \r
Content-Type: text/html; charset=UTF-8;\r
\r\r
\r
< 2022/03/26 23:20:36.696528 length=4 from=64 to=67
hi\r
2022/03/26 23:20:36 socat[15490] N socket 2 (fd 6) is at EOF
2022/03/26 23:20:36 socat[15490] N childdied(): handling signal 20
2022/03/26 23:20:36 socat[15490] N socket 1 (fd 7) is at EOF
2022/03/26 23:20:36 socat[15490] N socket 2 (fd 6) is at EOF
2022/03/26 23:20:36 socat[15490] W xioshutdown_openssl(): SSL_shutdown() → -1
2022/03/26 23:20:36 socat[15490] N exiting with status 0
2022/03/26 23:20:36 socat[13791] N childdied(): handling signal 20

system · April 11, 2022, 1:27pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.