Traceback using 3.3 with noVNC and certificates
3 views
Skip to first unread message
sigwx314
Feb 23, 2026, 8:03:12 PM (8 days ago) Feb 23
to TurboVNC User Discussion/Support
I hadn't tried this in awhile, but with TurboVNC 3.3 with noVNC on Ubuntu 24.04, and including personal certificates the webserver script reports a traceback:
Traceback (most recent call last):
File "/opt/TurboVNC/bin/webserver", line 60, in <module>
httpServer.socket = ssl.wrap_socket(httpServer.socket, server_side = True,
^^^^^^^^^^^^^^^
AttributeError: module 'ssl' has no attribute 'wrap_socket'
Traceback (most recent call last):
File "/opt/TurboVNC/bin/webserver", line 60, in <module>
httpServer.socket = ssl.wrap_socket(httpServer.socket, server_side = True,
^^^^^^^^^^^^^^^
AttributeError: module 'ssl' has no attribute 'wrap_socket'
Looks like wrap_socket from the ssl module was removed in 3.12 (deprecated in 3.7) and looks like a SSLContext needs to be created to handle the wrap_socket now.
DRC
Feb 23, 2026, 11:01:41 PM (8 days ago) Feb 23
to turbovn...@googlegroups.com
I am not very familiar with Python. Do you think you could write a patch?
DRC
DRC
4da...@gmail.com
Feb 24, 2026, 11:19:55 AM (7 days ago) Feb 24
to turbovn...@googlegroups.com
Sure, unless someone beats me to it. I need to check on the before/after changes in the python ssl module so it's validating how it did before.
--
You received this message because you are subscribed to the Google Groups "TurboVNC User Discussion/Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turbovnc-user...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/turbovnc-users/462d98e7-619a-45fe-933c-ef80a17d0a2e%40virtualgl.org.
4da...@gmail.com
Feb 24, 2026, 10:36:17 PM (7 days ago) Feb 24
to turbovn...@googlegroups.com
I think this should do it for you:
diff --git a/unix/webserver.in b/unix/webserver.in
index 67abad1a..10d8c261 100755
--- a/unix/webserver.in
+++ b/unix/webserver.in
@@ -57,7 +57,9 @@ httpServer = HTTPServer(('', httpPort),
SimpleHTTPRequestHandler)
if x509CertFile != '' and x509KeyFile != '':
print("noVNC web server: Using X.509 certificate file " + x509CertFile)
print("noVNC web server: Using X.509 private key file " + x509KeyFile)
- httpServer.socket = ssl.wrap_socket(httpServer.socket, server_side = True,
- certfile = x509CertFile,
- keyfile = x509KeyFile)
+
+ context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+ context.load_cert_chain(certfile=x509CertFile, keyfile=x509KeyFile)
+ httpServer.socket = context.wrap_socket(httpServer.socket, server_side=True)
+
httpServer.serve_forever()
diff --git a/unix/webserver.in b/unix/webserver.in
index 67abad1a..10d8c261 100755
--- a/unix/webserver.in
+++ b/unix/webserver.in
@@ -57,7 +57,9 @@ httpServer = HTTPServer(('', httpPort),
SimpleHTTPRequestHandler)
if x509CertFile != '' and x509KeyFile != '':
print("noVNC web server: Using X.509 certificate file " + x509CertFile)
print("noVNC web server: Using X.509 private key file " + x509KeyFile)
- httpServer.socket = ssl.wrap_socket(httpServer.socket, server_side = True,
- certfile = x509CertFile,
- keyfile = x509KeyFile)
+
+ context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+ context.load_cert_chain(certfile=x509CertFile, keyfile=x509KeyFile)
+ httpServer.socket = context.wrap_socket(httpServer.socket, server_side=True)
+
httpServer.serve_forever()
Reply all
Reply to author
Forward
0 new messages