My Azure application needs to connect to an API that is deployed on a remote server. The Azure app uses https, while the API uses http. To avoid a mixed content issue, I changed my API address to https. But now I receive the following error:
Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR
So in summary, using http for my API gives me a Mixed Content error, and using https for my API gives me an SSL-related error.
Does anyone have experience providing an SSL certificate to an API thats already been deployed? Any advice would be greatly appreciated. Thank you.
Related
Ant-Media-Server is running on an IPAdress without any domains. We just set up this server to be used for streaming in order to use it from different domains pointing to different servers.
Since all of our domains use ssl, we face the typical connection problem:
mixed Content: The page at 'https://SOMEDOMAIN.com/QUERY' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://1.2.3.4:56'. This request has been blocked; this endpoint must be available over WSS.
Ant-Media already offers tutorials on how to install a Let's Encrypt SSL Certificate but sadly it is not available for pure IP-Addresses.
Apart from the Ant-Media Service, the server doesn't has any NGINX, NodeJS, Apache or other http Servers installed - the plan was just to use it for streaming by calling the IP-Address.
Do you have any ideas on how to solve that problem?
Unfortunately, this is not possible.
The goal of having a SSL is ensure you are requesting the right domain name besides encrypting the content between your users and your server.
Here are some alternatives:
create an endpoint in your own app that proxies data to your server.
Instead of playing the IP address, you can play:
/your-proxy-url?stream=http://yourIp.com:port/....
Note that using a proxy will make all the traffic pass through your web app.
As a reference, if you are using PHP on your website, you can have some ideas from here: https://gist.github.com/iovar/9091078
Create a reverse-proxy in front of your web app that redirects the traffic to your IP address.
Both solutions does not change your Ant Media Server, just adds a new resource between your users and your streaming server - adding the SSL on it.
I am connecting to an external soap endpoint using Apache CXF. I am going through a proxy server (using credentials) before I hit the https/SSL external endpoint. The team that supports the external web service is saying that they do not see my basic authentication header. I logged the header and payload from my workstation before just before it leaves my workstation. I can see both the basic authentication and the proxy authentication headers.
My question is really twofold:
1. At what point is the SSL message from my computer actually encrypted?
2. Is it possible for something in the network to be dropping the Basic authorization header?
3. What additional troubleshooting steps can I take?
I found the issue, my proxy server was dropping any header with the word Basic in it.
Thanks,
Brian
Error: - This page isn’t working if the problem continues, contact the site owner. HTTP ERROR 408
Backed:
TWO IIS Web-server and AWS loadbalancer
We have deployed the same site on IIS webserver both the servers are placed behind the AWS classic load balancer.
We have installed the SSL using letsencrpyt one of the IIS server and exported the SSL and then installed the same on the 2nd IIS web server. Locally the site is working and can see that the website is fully secure.
Locally the site is working and can see that the website is fully secure.
Further, we pulled the Private Key: * and Certificate body: * data and installed the same SSL on AWS load balancer But when we try to server the same site through the load balancer it’s not working and we are getting the error: - Error: - This page isn’t working if the problem continues, contact the site owner. HTTP ERROR 408
No logs are being captured in the IIS logs.
Please assist.
Warm Regards,
Recently we have configured SSL to open WSS on our RESTCOMM server, as we got the issue of "getUserMedia()" deprecation issue because of insecure origin issue by chromium fix.
We managed to get WSS working and we can open RESTCOM Admin portal via HTTPs over 8443 port and even OLYMPUS is working too.
But because we have configured a SSL on RESTCOM Server i think even the REST Client API calls need to be on HTTPS too. Am icorrect?
Becuase when we use the HTTP based URLs for programmatically adding clients by invoking REST Client APIs of RESTCOMM, then we are getting SSl certificate issues and the reason for this i think is that we have configured SSL cert to address the getUserMedia() security issue by CHROMIUM fix.
can i request any solution or work around for this pls.
thanks in advance
ias
I have an api (running in a jetty instance) where I use two-legged oauth protocol to give access to the clients. I wrote a simple java client (using oauth-signpost) to connect to the api and the connection is successful.
I would like to put the api behind an apache http server. The apache http server is configured to forward request to api.
The following works:
(without oauth) Client ---> Apache HTTP Server --> Jetty
(with oauth) Client ---> Jetty
The following doesn't work:
(with oauth) Client ---> Apache HTTP Server ---> Jetty
I receive the following error message
"Invalid signature for signature method HMAC-SHA1"
Has any of you faced this issue? Is it possible to sign the request but without the hostname and port?
Thank you.
I had a similar problem. The problem I found was that the OAuth signature and the OAuth header block need to have the Jetty URL, not the Apache URL.
I had to modify my code to pass along two URLs. The URL I was sending the request to (Apache) and the URL of the resource on the final system (Jetty URL).