Fix SSL negotiation

README.md

@@ -28,8 +28,8 @@ If you have a server that ***will be parasitized*** and you want to proxy it, yo
 ```
 [settings]
 PORT=5555
-SERVER_URL=http://example.org
-SERVER_CONNECTION_TYPE=stateless
+SERVER_URL=localhost
+SERVER_CONNECTION_TYPE=
 CA_KEY=ca.key
 CA_CERT=ca.crt
 CERT_KEY=cert.key
@@ -39,6 +39,8 @@ CLIENT_ENCODING=utf-8
 USE_EXTENSIONS=wayback.Wayback,bio.PyBio
 ```
 
+***Note***: If using Caterpillar Proxy (Python) alone, set `SERVER_URL=localhost`. Otherwise, use the endpoint URL of the Worker script (PHP or Java), e.g., `SERVER_URL=http://example.org`.
+
 - (Optional) Create a certificate for SSL decryption
 
 ```bash

server.py

@@ -240,13 +240,16 @@ def proxy_connect(webserver, conn):
     except Exception as e:
         logger.error("[*] Skipping certificate issuance.", exc_info=e)
         certpath = "default.crt"
+        
+    logger.info("[*] Certificate file: %s" % (certpath))
+    logger.info("[*] Private key file: %s" % (certkey))
 
     # https://stackoverflow.com/questions/11255530/python-simple-ssl-socket-server
     # https://docs.python.org/3/library/ssl.html
     context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
     context.check_hostname = False
     context.verify_mode = ssl.CERT_NONE
-    context.load_cert_chain(certpath, certkey)
+    context.load_cert_chain(certfile=certpath, keyfile=certkey)
 
     try:
         # https://stackoverflow.com/questions/11255530/python-simple-ssl-socket-server
@@ -254,7 +257,7 @@ def proxy_connect(webserver, conn):
         data = conn.recv(buffer_size)
     except ssl.SSLError as e:
         logger.error(
-            "[*] SSL negotiation failed. Check that the CA certificate is installed.",
+            "[*] SSL negotiation failed.",
             exc_info=e,
         )
         return (conn, b"")