I've been using private_pub in production for over a year now and recently I've just moved the app from http to https. We have a signed cert already installed and everything else is working within the application but I'm getting the following error when I private_pub/thin submits anything to be pushed.
SocketError (getaddrinfo: Name or service not known)
I have been unable to find anything specifically with this error and private_pub/thin but other issues I've seen have been in relation to sunspot/solr pointing to localhost when it needs 127.0.0.1. My private_pub configs are using the actual https://domain.com.
My app is able to connect to faye.js but I'm getting the server error above.
private_pub_thin.yml:
---
port: 4443
ssl: true
ssl_key_file: /path/to/ssl.key
ssl_cert_file: /path/to/ssl.cert
environment: production
rackup: private_pub.ru
daemonize: true
private_pub.yml:
production:
server: "https://sub.mydomain.com:4443/faye"
secret_token: "<token here>"
signature_expiration: 3600 # one hour
private_pub.ru:
require "bundler/setup"
require "yaml"
require "faye"
require "private_pub"
Faye::WebSocket.load_adapter('thin')
PrivatePub.load_config(File.expand_path("../config/private_pub.yml", __FILE__), ENV["RAILS_ENV"] || "development")
run PrivatePub.faye_app
Any thoughts would be appreciated. Thank you in advance
--- edit ---
I didn't mention this, but I do have the port 4443 opened up on the server's iptables and I even tried turning off iptables altogether for testing. Still got the same error
Figured this out... It was all to do with the SSL certs.
It appears I was missing the CA Bundle or it just wasn't installed correctly. Fixing this and then following this fix here: Using private_pub with SSL
appending the ca_bundle to the actual cert worked.
Also some useful tools I found to help debug:
https://github.com/mislav/ssl-tools/tree/8b3dec4bedcc725a142fa9bc297610f8d09f5d9d https://www.digicert.com/help/
Hope it helps others.