Error when deploying Shiny app to RSConnect - Error in curlPerform - Embedded nul in string

Posit Professional & Hosted Products
,
1

I am trying to deploy the default hello world shiny app (Old Faithful Geyser Data) from RStudio Server Pro to RS Connect. Things were working well before I installed SSL certificates. After I installed the SSL certificates and turned on https for both RStudio Server and RSConnect I seem to get the following error whenever I try to deploy any shiny application.

Preparing to deploy application...Error in curlPerform(curl = curl, .opts = opts, .encoding = .encoding) :

  embedded nul in string: '\025\003\001\0\002\002\n'

Calls: <Anonymous> ... tryCatch -> tryCatchList -> tryCatchOne -> <Anonymous>

Timing stopped at: 0.001 0.002 0.007

Execution halted

Here are a couple links that might be related.
https://github.com/opensdmx/rsdmx/issues/139
https://stackoverflow.com/questions/34036306/geturl-returns-an-embedded-nul-in-string-error-when-using-the-stack-overflow-a

Any ideas about how to troubleshoot this?

2 Likes
2

Interesting! Maybe just try a straight curl of the https://myserver.com:port/ from the RStudio terminal? or follow the redirect to see if you can curl and get the login page HTML? It's late and I'm not thinking super clearly, but that would be my first thought to figure out if some type of miscommunication is happening between the servers. Are these self-signed certificates you're talking about?

Maybe some helpful support articles:

https://support.rstudio.com/hc/en-us/community/posts/115009329408-Self-signed-SSL-certs-and-RStudio-Server-Pro-RStudio-Connect

Of course, the admin guides are helpful as well :slight_smile:

3

Thanks @cole! Your suggestion gave me a much more helpful error message.

con <- curl::curl(url = "https://myserver.com:port")
readLines(con = con)
# Error in readLines(con = con) : 
# Peer's Certificate issuer is not recognized.

RStudio Server Pro and RSConnect are installed on the same virtual machine and are listening on different ports. There is no proxy server. The SSL certificate is was issued and signed by our local certificate authority. The local CA's root certificate is installed on all company computers but might not be installed on the Linux VM where the RStudio software is running. I don't think we would consider this a self signed certificate since it was signed by a CA (internal) with a root certificate, correct?

So I think my next steps will be to add the local CA's root certificate to the list of trusted CA on the Linux VM by following the instructions in your first link.

1 Like
4

Glad to hear it! You're right - your ticket is not "self-signed", and you definitely do not want to use a self-signed cert if you have a local CA available! But you're exactly right, if the CA's root cert is not installed / trusted by your server, that could/would cause the problem! Hopefully installing the local CA's root cert into the list of trusted CA's on your Linux VM will solve the issue!

(Note that your computer will need to trust the CA as well, but it sounds like that may already be taken care of). I hope it works for you! Please let us know how it goes!

1 Like