I have an ASP.Net MVC application developed on my system. I want to access my site from remote computer by binding my app with public IP using following Commands,
netsh http add urlacl url=http://192.168.1.42:3000/ user=everyone
in Visual Studio i have updated applicationhost.config file
<binding protocol="http" bindingInformation="*:3000:192.168.1.42" />
but it is still not working saying "Service Unavailable
HTTP Error 503. The service is unavailable."
In applicationhost.config file the localhost must be changed to your computer name.
Related
I am using Mule to expose a web service and deployed it on AWS . It's working fine locally. I can use SoapUI to test http://localhost:8087/hello. But if we call from outside using the host of AWS: http://xxx.xxx.com:8087/hello, it will show connection error. We've opened the port 8087, what else do we need? Thanks!
If you have defined "localhost" in you mule configuration file mule will only listen on the localhost interface. Change the host in your inbound endpoint to 0.0.0.0 to bind to all available interfaces or explicitly specify the IP you want to listen on for incoming requests.
If this doesn't fix it please verify firewall settings again and then post more information such as relevant parts of you mule configuration file.
Our architecture is:
external users<---https--->web server(Apache HTTP server)<----->webapp server (tomcat)
We fail to pass the IBM AppScan, which is used to detect any security defects in webapp server, because it finds our tomcat server.xml file is not added the secure="yes" attribute in our port.
However the secure="yes" attribute should not be added to the tomcat server.xml file because we do not need a secure connection between web server and webapp server.
How can we fix the issue?
Are there any secure="yes" attribute can be added to the configuration file of web server(Apache HTTP server)?
Thanks & Regards,
Gordon
If your users are accessing Tomcat (indirectly) through Apache httpd using TLS (https:// URL) then it is entirely appropriate to set secure="true" in your <Connector>. This tells your web application that the request being received is secure even when it is not (e.g. you are using plain-HTTP between httpd and Tomcat).
So, if you have set scheme="https" on your <Connector> then you probably want to also set secure="true".
This is not a configuration change that you can make on the Apache httpd side... it must be done in Tomcat.
Let's say I have an iis website with two https bindings. One for port 443 and the other one for port 553. The website hosts both ASP.NET MVC and WCF. This means that both of them are accessible via 553 and 443 ports. Is it possible to restrict WCF to be available on port 553 only? I tried the baseAddress config but it does not seem to work.
Env: iis 8.5, Windows 2012
It looks like this does the trick. Note: it does not work with localhost.
<serviceHostingEnvironment multipleSiteBindingsEnabled="false">
<baseAddressPrefixFilters>
<add prefix="https://fully_qualified_name:553"/>
</baseAddressPrefixFilters>
Right click your wcf application in iis then go to edit the bindings. Set the port here. If you have access to source click the wcf project in visual studio, there is a property for path, edit this. Any projects you have that use the web service will need their web reference updated. Change the port on here then right click and update reference
I have a WCF service running under IIS configured to use SSL, with a valid certificate already installed and running.
Visiting the website with
https://my_website/anypage.aspx
I can access the page.
Visiting the url
https://my_website/mywcfservice.svc
I can see the webservice page:
"You have created a service. To test this service, you will need to create a client and use it to call the service(...) ". Note that I'm receiving anyway the warning page saying "There is a problem with this website's security certificate" where I click "Continue to this website".
in server side, the web.config is configured with:
<security mode="Transport">
<transport clientCredentialType="None" />
</security>
...
...
In client side, I'm not using proxy or config file. I'm connecting using code only, like:
this.Channel = new ChannelFactory<T>(binding, new EndpointAddress(serviceUri));
((WSHttpBinding)this.Channel.Endpoint.Binding).Security.Mode = SecurityMode.Transport;
((WSHttpBinding)this.Channel.Endpoint.Binding).Security.Transport.ClientCredentialType = HttpClientCredentialType.None;
this.Channel.CreateChannel();
I have strong rules to connect from client by code so I can't use other way. the channel is well opened but when I'm calling any method I receive error "the remote certificate is invalid according to the validation procedure."
Without https was working ok.
In client side I have a many certificates in "Trusted Root Certification Authorities\Certificates". All of them are also trusted in server side.
Where could be the issue, in client or server side ??
Maybe I need to specify one very precise certificate to use in client side ??
any help appreciate, thanks.
Note that I'm receiving anyway the warning page saying "There is a problem with this website's security certificate" where I click "Continue to this website".
Your client machine does not trust the SSL certificate that you are using on the server. The WCF error you receive is the equivalent to the message that you are getting when you try to hit the service in your browser.
In client side I have a many certificates in "Trusted Root Certification Authorities\Certificates". All of them are also trusted in server side.
You need to configure your client machine to properly trust your SSL certificate. Once you can access the service in your browser with no errors, your client code should work.
I have a wcf application (standalone service self hosted). This is NOT hosted in IIS and hosting it in IIS is not an option.
The service exposes a WCF service. I know that the service contract works because it works with HTTP as transport.
Now, I need to move to https. The intent is to secure the transport only. Client authentication is not required as we assume that anybody connecting to service is within the network.
After making changes to app.config to access httpsTransport in and updating the URLs across board, i started working on associating cert with port. The explanation is in http://msdn.microsoft.com/en-us/library/ms733791.aspx I followed instructions under section "To bind an SSL certificate to a port number". This worked nicely within the local machine. Note that root certificate and development certificate is generated using makecert.exe
When i host the same service in Windows server 2003, all hell breaks loose. The clients do not even get to see the endpoint (note that it's not firewalled as http works). I have followed the steps outlined in the document mentioned above (using httpcfg.exe). This does not work. OpenSSL mentions that server did not provide a certificate.
What can be the problem?
Did your server start correctly on 2003?
Did you configure your client to look for the server's certificate like following snippet? Pleaes check you didn't mistype the name of the certficate.
<endpoint binding="netTcpBinding" bindingConfiguration="DirectConnection"
behaviorConfiguration="Behavior"
contract="AContract"
name="ServiceContract" >
<identity>
<dns value="ServerCertificate.Com" />
</identity>
Turned out that using self signed certificates could not be used on windows 2003 server (this particular instance). I am guessing it's being treated as untrusted cert. Once we got the official certs, things just worked with no changes.