I am trying to retrieve a page on my SSL enabled server with a lua script. Important to note that the server has a self-signed certificate. No problem with certificate issued by a trusted CA.
local https = require("socket.http")
local resp = {}
local r, c, h, s = https.request{
url = "https://my-server:443/example.php",
sink = ltn12.sink.table(resp),
protocol = "tlsv1"
}
The server returns:
Bad Request Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please.
And on the server side, that request produce this entry in the Apache ssl_access.log
192.168.0.150 - - [27/Nov/2011:16:32:07 +0100] "GET /" 400 529 "-" "-"
Furthermore, tcpdump shows that after the SYN-ACK handshake, no SSL 257 Client Hello is sent. Using the same URL from my browser or with wget works ok.
Answer
As Doug Currie said, you should use luasec. In order to enable https.request, you have to require the ssl.https module:
local https = require 'ssl.https'
local r, c, h, s = https.request{
url = "https://my-server:443/example.php",
sink = ltn12.sink.table(resp),
protocol = "tlsv1"
}