ssl.SSLError starting REST server with 'ssl true'

[goddard@…]

The following bug report has been submitted:
Platform:        Darwin-19.4.0-x86_64-i386-64bit
ChimeraX Version: 1.0rc202005121634 (2020-05-12 16:34:48 UTC)
Description
Trying to start rest server with "ssl true".

Log:
UCSF ChimeraX version: 1.0rc202005121634 (2020-05-12)  
© 2016-2020 Regents of the University of California. All rights reserved.  
How to cite UCSF ChimeraX  

> remotecontrol rest start ssl true

Traceback (most recent call last):  
File
"/Users/goddard/ucsf/cx-1.0/ChimeraX.app/Contents/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-
packages/chimerax/core/tasks.py", line 196, in _run_thread  
self.run(*args, **kw)  
File
"/Users/goddard/ucsf/cx-1.0/ChimeraX.app/Contents/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-
packages/chimerax/rest_server/server.py", line 63, in run  
certfile=cert)  
File
"/Users/goddard/ucsf/cx-1.0/ChimeraX.app/Contents/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py",
line 1232, in wrap_socket  
context.load_cert_chain(certfile, keyfile)  
ssl.SSLError: [SSL] PEM lib (_ssl.c:3901)  
  
Exception in thread 1:  
ssl.SSLError: [SSL] PEM lib (_ssl.c:3901)  
  
File
"/Users/goddard/ucsf/cx-1.0/ChimeraX.app/Contents/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/ssl.py",
line 1232, in wrap_socket  
context.load_cert_chain(certfile, keyfile)  
  
See log for complete Python traceback.  
  




OpenGL version: 4.1 ATI-3.8.24
OpenGL renderer: AMD Radeon Pro Vega 20 OpenGL Engine
OpenGL vendor: ATI Technologies Inc.Hardware:

    Hardware Overview:

      Model Name: MacBook Pro
      Model Identifier: MacBookPro15,3
      Processor Name: 8-Core Intel Core i9
      Processor Speed: 2.4 GHz
      Number of Processors: 1
      Total Number of Cores: 8
      L2 Cache (per Core): 256 KB
      L3 Cache: 16 MB
      Hyper-Threading Technology: Enabled
      Memory: 32 GB
      Boot ROM Version: 1037.100.362.0.0 (iBridge: 17.16.14281.0.0,0)

Software:

    System Software Overview:

      System Version: macOS 10.15.4 (19E287)
      Kernel Version: Darwin 19.4.0
      Time since boot: 11 days 13:14

Graphics/Displays:

    Intel UHD Graphics 630:

      Chipset Model: Intel UHD Graphics 630
      Type: GPU
      Bus: Built-In
      VRAM (Dynamic, Max): 1536 MB
      Vendor: Intel
      Device ID: 0x3e9b
      Revision ID: 0x0002
      Automatic Graphics Switching: Supported
      gMux Version: 5.0.0
      Metal: Supported, feature set macOS GPUFamily2 v1

    Radeon Pro Vega 20:

      Chipset Model: Radeon Pro Vega 20
      Type: GPU
      Bus: PCIe
      PCIe Lane Width: x8
      VRAM (Total): 4 GB
      Vendor: AMD (0x1002)
      Device ID: 0x69af
      Revision ID: 0x00c0
      ROM Revision: 113-D2060I-087
      VBIOS Version: 113-D20601MA0T-016
      Option ROM Version: 113-D20601MA0T-016
      EFI Driver Version: 01.01.087
      Automatic Graphics Switching: Supported
      gMux Version: 5.0.0
      Metal: Supported, feature set macOS GPUFamily2 v1
      Displays:
        Color LCD:
          Display Type: Built-In Retina LCD
          Resolution: 2880 x 1800 Retina
          Framebuffer Depth: 24-Bit Color (ARGB8888)
          Main Display: Yes
          Mirror: Off
          Online: Yes
          Automatically Adjust Brightness: No
          Connection Type: Internal

PyQt version: 5.12.3
Compiled Qt version: 5.12.4
Runtime Qt version: 5.12.8

[Conrad Huang]

Fixed in 82e20c048.

The code works, but uses a self-signed certificate. That means the client will need to trust the self-signed cert. Connecting with a real browser will typically give a warning about an "untrusted" site. Given that ChimeraX REST only listens on localhost, not sure that https over self-signed cert is that great an improvement.