Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Trading Discussion
Re: [ANN] FIX gateway available on bitfloor.com
by
ProfMac
on 18/03/2013, 21:39:17 UTC
Quote from: eja on March 18, 2013, 09:12:42 PM

It seems that the cert file that can be downloaded from the fix api page has expired and does not actually match what is currently used on api.bitfloor.com.
You can get current cert file with following command:

openssl s_client -showcerts -connect api.bitfloor.com:5252

From the output copy the lines starting from -----BEGIN CERTIFICATE----- up to and including -----END CERTIFICATE----- and save those to the .crt file
that is in stunnel configuration.



Thanks.  This works.  The stunnel still stops, but it is later in the process.
Do I need a certificate as well?  If so, can it be self signed?

Code:
2013.03.18 16:32:28 LOG7[13652:3077700416]: SNI: host name: api.bitfloor.com
2013.03.18 16:32:28 LOG7[13652:3077700416]: SSL state (connect): before/connect initialization
2013.03.18 16:32:28 LOG7[13652:3077700416]: SSL state (connect): SSLv3 write client hello A
2013.03.18 16:32:28 LOG7[13652:3077700416]: SSL state (connect): SSLv3 read server hello A
2013.03.18 16:32:28 LOG7[13652:3077700416]: Starting certificate verification: depth=0, /C=US/ST=New York/L=New York/O=Bitfloor, Inc./CN=bitfloor.com/emailAddress=support@bitfloor.com
2013.03.18 16:32:28 LOG6[13652:3077700416]: CERT: Locally installed certificate matched
2013.03.18 16:32:28 LOG5[13652:3077700416]: Certificate accepted: depth=0, /C=US/ST=New York/L=New York/O=Bitfloor, Inc./CN=bitfloor.com/emailAddress=support@bitfloor.com
2013.03.18 16:32:28 LOG7[13652:3077700416]: SSL state (connect): SSLv3 read server certificate A
2013.03.18 16:32:28 LOG7[13652:3077700416]: SSL state (connect): SSLv3 read server done A
2013.03.18 16:32:29 LOG7[13652:3077700416]: SSL state (connect): SSLv3 write client key exchange A
2013.03.18 16:32:29 LOG7[13652:3077700416]: SSL state (connect): SSLv3 write change cipher spec A
2013.03.18 16:32:29 LOG7[13652:3077700416]: SSL state (connect): SSLv3 write finished A
2013.03.18 16:32:29 LOG7[13652:3077700416]: SSL state (connect): SSLv3 flush data
2013.03.18 16:32:29 LOG7[13652:3077700416]: SSL state (connect): SSLv3 read server session ticket A
2013.03.18 16:32:29 LOG7[13652:3077700416]: SSL state (connect): SSLv3 read finished A
2013.03.18 16:32:29 LOG7[13652:3077700416]:    1 items in the session cache
2013.03.18 16:32:29 LOG7[13652:3077700416]:    1 client connects (SSL_connect())
2013.03.18 16:32:29 LOG7[13652:3077700416]:    1 client connects that finished
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 client renegotiations requested
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 server connects (SSL_accept())
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 server connects that finished
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 server renegotiations requested
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 session cache hits
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 external session cache hits
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 session cache misses
2013.03.18 16:32:29 LOG7[13652:3077700416]:    0 session cache timeouts
2013.03.18 16:32:29 LOG6[13652:3077700416]: SSL connected: new session negotiated
2013.03.18 16:32:29 LOG6[13652:3077700416]: Negotiated ciphers: RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
2013.03.18 16:32:29 LOG5[13652:3077700416]: Error detected on SSL (read) file descriptor: Connection reset by peer (104)
2013.03.18 16:32:29 LOG5[13652:3077700416]: Connection reset: 0 bytes sent to SSL, 0 bytes sent to socket