[MapProxy] Development

Oliver Tonnhofer olt at omniscale.de
Thu May 22 07:18:45 PDT 2014


Hi Jon,

On 21.05.2014, at 01:47, Jon West wrote:
> Has development of Map Proxy stagnated? I'm having issues pulling tiles from a geoserver through basic auth that is hosted on the same machine as the Map Proxy.

I don't understand how this should be related, but we are still working on MapProxy. Release management is a bit behind of what we had planned though.

> mapproxy.source.wms - WARNING - could not retrieve WMS map: Could not verify connection to URL "https://localhost/workspace/wms?..." _ssl.c:492: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
> 
> Anyone encounter this error before?

MapProxy/Python urllib2 uses the SSL23 method for HTTPS connections. Which means that "A client will send out SSLv2 client hello messages and will indicate that it also understands SSLv3 and TLSv1." 
If your server uses SSL3 then "A server will only understand SSLv3 client hello messages. This especially means, that it will not understand SSLv2 client hello messages which are widely used for compatibility reasons."
Forcing MapProxy to use SSL3 is currently not configurable.

Servers generally should use SSL23. See also: https://www.openssl.org/docs/ssl/SSL_CTX_new.html

But if it is localhost, do you really need HTTPS?


Regards,
Oliver

-- 
Oliver Tonnhofer    | Omniscale GmbH & Co KG    | http://omniscale.com
http://mapproxy.org | https://github.com/olt    | @oltonn




More information about the MapProxy mailing list