0

I'm confused with the examples of contacting bitcoin-cli as the examples always show sending user name:pass to http does this expose the name:pass?

This command: (I modified the help example from bitcoin-cli help)

curl --user 'rpcuser:rpcpassword' --cacert /home/ssl/mycert.pem --data-binary '{"jsonrpc": "1.0", "id": "curltest", "method": "signrawtransactionwithkey", "params": ["myhex", "["key1","key2"]"]}' -H 'content-type: text/plain;' https://777.77.7.7:8332/

produces the error:

curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

But if I replace the https with http it works. Shouldn't bitcoin-cli refuse to work with http and allow https only?

Improve this question

1 Answer 1

Reset to default
2

Bitcoin Core's RPC interface only supports HTTP, not HTTPS.

The reasoning is that the RPC interface is intended for local access by other applications, not over the internet or network access in general. Doing so allows reducing the complexity and attack surface a built-in SSL implementation would bring.

If you really need network access for RPC, use a VPN, or e.g. stunnel to wrap it in SSL.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.