You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@cculianu Indeed! I'm running bchd with TLS enabled for the gRPC API and that enables TLS for the RPC API as well. Fulcrum expect the RPC API to be plain HTTP so I was using nginx proxy_pass https://127.0.0.1:8334/ to strip the TLS encryption. However nginx adds a new header automatically - Connection: keep-alive - that you cannot hide even with proxy_hide_header. So I tried patching Fulcrum to ignore it, which mitigated the issue. However nginx would still send a Connection: close header after a while. At which point I said fuck nginx then tried with socat which worked perfectly!
So if anyone is running bchd with TLS enabled and wants to point Fulcrum to it, you can use socat TCP-LISTEN:1337,fork,reuseaddr ssl:127.0.0.1:8334,verify=0 then set bitcoind = 127.0.0.1:1337 in fulcrum.conf.
As of this commit: ce4b969, you can now just give Fulcrum the --bitcoind-tls option on the CLI or specify bitcoind-tls = true in the conf file to use Fulcrum with bchd HTTPS.
The text was updated successfully, but these errors were encountered:
This option can be specified on the CLI as `--bitcoind-tls` or in the conf
file as `bitcoind-tls = true`. If enabled, then we will connect to the
remote bitcoind using TLS (https) rather than a bare TCP socket (http).
This allows Fulcrum to work flawlessly with default bchd setups, which
enable TLS for all HTTP connections by default (unless the `notls` option
is given to bchd).
See issues #43 and #28.
@cculianu Indeed! I'm running bchd with TLS enabled for the gRPC API and that enables TLS for the RPC API as well. Fulcrum expect the RPC API to be plain HTTP so I was using nginxproxy_pass https://127.0.0.1:8334/
to strip the TLS encryption. However nginx adds a new header automatically -Connection: keep-alive
- that you cannot hide even withproxy_hide_header
. So I tried patching Fulcrum to ignore it, which mitigated the issue. However nginx would still send aConnection: close
header after a while. At which point I said fuck nginx then tried with socat which worked perfectly!So if anyone is running bchd with TLS enabled and wants to point Fulcrum to it, you can usesocat TCP-LISTEN:1337,fork,reuseaddr ssl:127.0.0.1:8334,verify=0
then setbitcoind = 127.0.0.1:1337
in fulcrum.conf.Originally posted by @infertux in #28 (comment)
Update
As of this commit: ce4b969, you can now just give Fulcrum the
--bitcoind-tls
option on the CLI or specifybitcoind-tls = true
in the conf file to use Fulcrum with bchd HTTPS.The text was updated successfully, but these errors were encountered: