python tornado SSLEOFError: EOF occurred in violation of protocol (_ssl.c:581)

Question

I'm trying to run a chat application using https and secure websockets (wss://) and I'm getting the following error. I am using a self signed certificate which I created. If I access my site from chrome desktop it works. If I access the same site from chrome ios, I get the following error message. Also, from chrome ios, I get the warning for the untrusted certificate and accept it. So I'd like to get it working for chrome ios.

[E 150516 14:01:56 http1connection:700] Uncaught exception
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/tornado/http1connection.py", line 691, in _server_request_loop
    ret = yield conn.read_response(request_delegate)
  File "/usr/local/lib/python2.7/dist-packages/tornado/gen.py", line 807, in run
    value = future.result()
  File "/usr/local/lib/python2.7/dist-packages/tornado/concurrent.py", line 209, in result
    raise_exc_info(self._exc_info)
  File "/usr/local/lib/python2.7/dist-packages/tornado/gen.py", line 810, in run
    yielded = self.gen.throw(*sys.exc_info())
  File "/usr/local/lib/python2.7/dist-packages/tornado/http1connection.py", line 166, in _read_message
    quiet_exceptions=iostream.StreamClosedError)
  File "/usr/local/lib/python2.7/dist-packages/tornado/gen.py", line 807, in run
    value = future.result()
  File "/usr/local/lib/python2.7/dist-packages/tornado/concurrent.py", line 209, in result
    raise_exc_info(self._exc_info)
  File "<string>", line 3, in raise_exc_info
SSLEOFError: EOF occurred in violation of protocol (_ssl.c:581)

here is my code

import tornado.ioloop
import tornado.web
import tornado.options
import tornado.httpserver
import os
import tornado.websocket

import ssl
ssl.PROTOCOL_SSLv23 = ssl.PROTOCOL_TLSv1

clients = []

class IndexHandler(tornado.web.RequestHandler):
  @tornado.web.asynchronous
  def get(request):
    request.render("index.html")

class WebSocketChatHandler(tornado.websocket.WebSocketHandler):
  def open(self, *args):
    print("open", "WebSocketChatHandler")
    clients.append(self)

  def on_message(self, message):        
    print message
    for client in clients:
        client.write_message(message)

  def on_close(self):
    clients.remove(self)

application = tornado.web.Application([(r'/wschat', WebSocketChatHandler), (r'/', IndexHandler)])

data_dir = '/home/bob'

#http_server = tornado.httpserver.HTTPServer(application)
http_server = tornado.httpserver.HTTPServer(application, ssl_options={
    "certfile": os.path.join(data_dir, "myselfsigned.cer"),
    "keyfile": os.path.join(data_dir, "myselfsigned.key"),
})

if __name__ == "__main__":
    tornado.options.parse_command_line()
    http_server.listen(443)
    tornado.ioloop.IOLoop.instance().start()

I'm running python 2.7.9, and tornado 4.1. I suspect I have to monkey patch tornado, but I've tried various monkey patched out there and haven't succeeded. Can someone help me monkey patch tornado, or give detailed steps on how to resolve this issue. Also, I'm new to SSL so explain it to me like I'm 5yrs old :)

Thank you very much for you time and patience!

Answer 1

According to https://blog.httpwatch.com/2013/12/12/five-tips-for-using-self-signed-ssl-certificates-with-ios/ , in order to use a self-signed certificate with apps other than Safari (including Chrome) on iOS, you must install the certificate as a "configuration profile".

The error logged on the server side is harmless and will not be logged as verbosely in Tornado 4.2.