Proxy passing setup for stomp over websocket on apache 2.4 - apache

I want to map a domain with my spring websocket deployed on server(tomcat) over port 8090.
I need to access my application through proxy passing over apache 2.4 installed on centOS.
The application(.war file) is being accessed from a client build on
react and this client is on another server.
I followed each step of below article but it is not working in my case.
Getting below error :
WebSocket connection to 'ws://xyz/abc/greeting/251/lcnlhdwc/websocket' failed: Error during WebSocket handshake: Unexpected response code: 400
Please help me.
WebSockets and Apache proxy : how to configure mod_proxy_wstunnel?

Related

Websocket connection to 'wss://mydomain/hub' failed: Error during WebSocket handshake: Unexpected response code: 200

I have a asp.net core app with signalR, working perfectly on development machine and iis too. but when I published to nginx(reverse-proxy) throws an error: failed: Error during WebSocket handshake: Unexpected response code: 200. I found that websocket works better on ssl so I installed self-signed ssl, still problem remains the same. Thanks in advance.
You'll have to configure Nginx to proxy websocket connections, it does not handle websocket connections by default. See http://nginx.org/en/docs/http/websocket.html and NGINX to reverse proxy websockets AND enable SSL (wss://)? for further information about enabling websockets for Nginx.

Proxy tunneling failed: Invalid request -- HOST header was not sent Unable to establish SSL connection

wget fails to download through a proxy server with the following message: Invalid request -- HOST header was not sentUnable to establish SSL connection.
Example:
[root#foosrv0234ccpra ~]# wget https://packages.chef.io/stable/el/6/chefdk-0.18.26-1.el6.x86_64.rpm
--2016-09-27 16:57:44-- https://packages.chef.io/stable/el/6/chefdk-0.18.26-1.el6.x86_64.rpm
Resolving deehprx024ccpxa.ehn.sr.dev.sdc.mycomp.com (deehprx024ccpxa.ehn.sr.dev.sdc.mycomp.com)... 129.35.62.40
Connecting to deehprx024ccpxa.ehn.sr.dev.sdc.mycomp.com (deehprx024ccpxa.ehn.sr.dev.sdc.mycomp.com)|129.35.62.40|:8080... connected.
Proxy tunneling failed: Invalid request -- HOST header was not sentUnable to establish SSL connection.
[root#foosrv0234ccpra ~]# env|grep proxy
http_proxy=http://barsrvprx024ccpxa.ehn.sr.dev.sdc.mycomp.com:8080
https_proxy=http://barsrvprx024ccpxa.ehn.sr.dev.sdc.mycomp.com:8080
no_proxy=barsrvacp014ccpra,barsrvchf014ccpra.ssm.sdc.gts.mycomp.com,localhost,127.0.0.1,barsrvacp014ccpra.ssm.sdc.gts.mycomp.com
It took me a while to get through this, so I'm sharing the issue on StackOverflow. Please have a look at the answer below.
The problem above happens because HTTP 1.1 requires the client to provide a HOST header and the proxy server does not support HTTP 1.1 (refer to RFC 2616 for more details on this requirement).
Some alternatives:
Upgrade your proxy to support HTTP 1.1
Downgrade wget to a version that only supports HTTP 1.0 (wget v1.12 or below)
Find another way to force all HTTP calls to be made using 1.0 and not 1.1 (I haven't explore this possibility and I'm not sure how to do it... downgrading wget solved my issue)

The system cannot infer the transport information from xxxx url

I have been trying to configure a simple pass through proxy using wso2 esb, which points to a REST service in https port.
I had tried doing the same using my development machine (Windows 7) and it is successful.
But when I try repeating the same in production server, in RHEL, I get The system cannot infer the transport information error in system log.
Things Tried
Created passthrough proxy service pointing to https://some.domain.in/something/something.
Tried CURL to https://some.domain.in/something/something and its shows the response properly
Imported certificate from the site to client-truststore.jks. Same was done locally and it worked.
in axis2.xml, edited <parameter name="HostnameVerifier">AllowAll</parameter>under https transporter
Error Message
When clicked in test in configuration console, I got the following message, Invalid address
CURL the proxy service URL, and got Empty response
Checked system logs and saw below logs
Am I missing out something?
I could see in the wso2-error-logs following messages
ERROR {org.apache.synapse.transport.passthru.TargetHandler} - I/O
error: handshake alert: unrecognized_name
javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
Then I realised that I was using java 1.6 locally but 1.7 in production.
And in Java 1.7 there are some changes in SSL handling
The JDK 7 release supports
the Server Name Indication (SNI) extension in the JSSE client. SNI,
described in RFC 4366 enables TLS clients to connect to virtual
servers.
In order to bypass this, I added JAVA_OPTS="-Djsse.enableSNIExtension=false" in wso2server.sh and restarted.
This solved my problem.
Not sure if this is the correct way though
This url helped me finally

Wildfly 8.1 - Websockets in a Clustered Config?

I have a 2-node cluster setup using the standalone-full-ha.xml configuration on Wildfly 8.1. I'm trying to open up a web socket connection through Apache HTTPD URL, but when I do I see the following error in my logs, and the web socket open fails with an error in JavaScript:
2014-07-28 15:58:52,675 ERROR [io.undertow.request] (default task-4) UT005023: Exception handling request to /WebSocketTest/hello: java.lang.IllegalStateException: UT000077: The underlying transport does not support HTTP upgrade
Is there any way to get such a configuration working in a clustered setup? Or would I need to go to the specific app server port directly and bypass Apache HTTPD?
what version of Apache httpd are you using?
Web Sockets seem to be supported from 2.4 with mod_proxy_wstunnel
also undertow's documentation states that AJP does not support protocol upgrade

SSL issue connecting to 2 diff https server at different port; javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

Problem Description
Getting "javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake" error while sending SOAP request over Https URL
Environnent:
1) Weblogic 10.3.6.0.1
2) java version "1.6.0_31" Java(TM) SE Runtime Environnent (build 1.6.0_31-b04)
3) Https Server where posting the request is Jetty Server
Overview:
1) In previous release of application it was sending SOAP message to Server 1 over https URL
2) In current release we implemented new requirement where we are using Third party client jar which internally call third party https server
3) Third party client jar is setting up SSL certificate and posting the request. For SSL they are using 443 port and we have opened Proxy for their host server.
4) Now we have 2 third party servers where we are connecting over Https. Server 1 https port is 30042 and Server2 https port is 443.
Usecase Scenario for error:
1) Submit a request to server 1 over https, getting back response properly.
2) Submit a request to Server2 using Third party client jar through proxy server, getting back response properly.
3) Submit a request to server 1 over https, it failing with error “javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake”.
4) Submit a request to Server2 using Third party client jar , getting back response properly.
5) On server 1 it will always fail and we are not able to send SOAP message over Https
6) For Server 1 app is using SOAPConnection and URL API to post SOAPmessage over Https URL
7) For Server 2 app is using third party provided jar which internally opening the socket and writing on it
Error Codes
---------------------------------------------------
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
Recent Changes to this Environment
Currently we migrated our application from Solaris to Suse Lunix servers.
Processor specs
Linux onsrnasdfgpsdev1 2.6.32.54-0.3-default #1 SMP 2012-01-27 17:38:56 +0100 x86_64 x86_64 x86_64 GNU/Linux
Weblogic 10.3.6.01
java version "1.6.0_31" Java(TM) SE Runtime Environment (build 1.6.0_31-b04) Java HotSpot(TM) 64-Bit Server VM (build 20.6-b01, mixed mode)
Workaround
• For Server 1 connection if we create a raw Socket and set Host and Port(30042).
• The request is going fine.
• But if we use SOAPConnection or HttpsURLConnection the request are not going and throwing Handshake error
• If we use Http Url for Server1 everything works fine
If the Proxy is set using System Property in that case all the subsequent Https call will use that proxy even though your are not setting in your program, java do that internally.
In our case we want to access Server 1 without proxy and for server 2 we want proxy.
So when we were trying first time to access Server2 we were setting Proxy with system property, after that when we were trying to connect to server 1 it was failing coz the https request was going throught proxy and at our proxy server there was no policy set for server 1
Solutions:
1) Donot set proxy at system level, add at connection level
2) Add rule in proxy server for server 1, so both server 1 & 2 go through proxy
3) At runtime remove proxy from system property before calling server1 and after that set it again. So that Server 2 go through proxy.
Solutions will depend on conditions; choose which is suitable for you.
Thanks Bhanu Thapa