I'm experiencing an issue with https requests sent from a Jenkins job, which are blocked and do not reach the final server.
The scenario is as follows:
I have a server where I'm running some backend, exposing APIs both over http and https (it's a django + django rest framework backend)
I implemented a Rhinoceros Plugin in C#, which needs to perform some rest API requests to the above mentioned server
On another server, I'm running a Jenkins job that is responsible for compiling the plugin, installing it on Rhinoceros and run some operations on Rhinoceros for test purposes
All calls over http do work like a charm from the plugin running on the Jenkins job, but all https do not work.
NOTES:
When manually running the plugin outside Jenkins, the https remote request succeed without any issue
Moreover, https requests sent from any other location do work
When the plugin runs from the Jenkins job no trace of any incoming connection is logged into the backend server, so that makes me believe the request never leaves the Jenkins server
WHAT I TRIED:
I installed the domain certificate locally on the Jenkins server, using keytool, on the JAVA_HOME/lib/security/cacerts keystore
I tried to install some Jenkins Plugins to skip certificate check or to trust certain domains
I checked the firewall on the Jenkins machine (adding allow rules for both Java and Rhinoceros applications)
So far, nothing worked.
Any idea?
Thanks
Related
We are currently executing cypress automation on S3 hosted spa application. The test cases are running in local where as in git lab runner i am getting below error
Cypress could not verify that this server is running:
applicationurl
we are verifying this server beacuase it has been configured as your 'baseurl'
Note: corporate proxy settings are in place.
Please suggest is there any additional things to be taken care on cloud front custom domains?
I enabled HTTPS for my APIs using local generated SSL key following the instructions in Enable HTTPS in Spring Boot. The ssl settings are included in application.properties:
server.port=9443
server.ssl.key-store=classpath:server-keystore.jks
server.ssl.key-store-password=123456
server.ssl.keyAlias=server-keypair
server.ssl.key-store-type=JKS
It works with https when tested locally. Then I packaged it as a Jar and deployed on Amazon Beanstalk environment. When I hit endpoint https://eb-env-url:9443/endpoint/, it timed out without any specific error. The Beanstalk log does not show any request was made through to the server at all.
I read it somewhere that personal key may not work when deployed to cloud, but it should at least give me some security error that points to that direction. I suspect this may have to do with the environment configuration. I used to do HTTP only for the environment and did not make any changes to the config after switching to HTTPS. One of the environment variable is SERVER_PORT which is set to 5000. I am not sure if some changes need to made in the Beanstalk environment in order to make HTTPS work.
I've been researching how to connect Tomcat and apache http server because I will have my web application written in angular deployed in apache http server 2.2 (currently succesfully tested on my own computer, local), and my REST service written in java deployed in Tomcat v6,
and what I want now is that when some component is clicked, to make a http request (like this http://localhost:8080/rest/getCars/20130505) that connects with the servlet and use the json provided to use the information provided in another component.
So I have created my own url/json to test the web application on itself, but as I said, it is possible to make the same thing but with a real http URI like it can be seen here: https://angular.io/docs/ts/latest/guide/server-communication.html#!#cors
They use:
let wikiUrl = 'http://en.wikipedia.org/w/api.php';
And I use, as of right now:
private datesUrl = 'src/example.json'; // URL to web API
#Injectable()
getDates(): Observable<Date[]> {
return this.http.get(this.datesUrl)
.map(this.extractData)
.catch(this.handleError);
}
So I believe my next step would be to change that datesUrl and write the http written above: http://localhost:8080/rest/getCars/20130505, so that it connects to Tomcat.
But my problem is that I don't know if this is going to work without any connection done between apache http server and tomcat. I've seen there are connectors, like mod_jk and mod_proxy http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass
and so on. I would like to know if, in my case, if I need to use this modules for apache http server or it's not necessary, since I have never seen any of this and install the modules is proving to be a challenge. The end game objective I have is to go from local to a real server, but as far as I know there is no need for anyone from the outside to use the webpage, it's only for the business itself, so with access to the server/machine I could still access localhost, same as I do when I test it locally.
You don't need any special connection between the PHP server and the Tomcat server: it's a plain-old HTTP request. Tomcat doesn't care if your PHP script made that request, or if it came from the open internet.
In the case of the PHP script making the request, it's making its standard HTTP call, and doesn't care that you are running a Tomcat server locally or whatever. Just go ahead and do it. If Tomcat is already responding to HTTP requests on that URL, then calling it from PHP requires no further configuration.
I'm working on a site that exposes endpoints over HTTP and HTTPS through Azure Web roles.
We've done some updates to the database, and to force the sites to re-populate their cache we've rebooted the roles. Now, however, the SSL endpoints no longer work - connections to the server are broken.
We've tried reimaging the instances, which also didn't help.
Answering my own question to serve as reference for the future:
We'd removed the certificate used for Remote Desktop access to the site.
Interestingly, this caused the SSL side of the site to fail, but only on a reboot.
Our fix was to replace the certificate, then do a full redeploy to staging and a VIP swap.
It does appear that the load balancer is very sensitive to its certificate configuration. I've found before that if there's any issues with any of the certificates in a package that the load balancer just stops working with no error in the log.
I am using Jetty for the first time to deploy a GWT web app connecting to a Restlet API and I am trying to understand the best way to use it.
I want to make it embeddable so that I can update config during run-time (allowing me to add new domain names etc).
Our web server currently runs Apache to serve a PHP web app and this will be our first time deploying a GWT app and using Jetty.
Is it possible to use Jetty in parallel with Apache (both serving requests on port 80) and since I am embedding it do I use Apache before it reaches Jetty? So Apache receives request and forwards to Jetty?
Both server cannot run on same port. But you can run both on same machine. So use a separate port for jetty.
Jetty receives the request through its own port and doesn't depend on other server.