I am using Unbound SCIM SDK 1.8.14 and trying to connect with proxy server setting but getting timeOut.
Whether it support proxy?
I have setup my WebLogic container to use http proxy. This is the error that I receive
com.unboundid.scim.sdk.ServerErrorException: java.lang.RuntimeException: java.net.SocketTimeoutException: connect timed out
I also digged down into the sdk code and was not able to find any proxy related code in the SCIMService class.
Related
I wrote an ASP.NET Core 3.1 MVC web application. It's an front end calling a Web API back end.
The application works perfectly on development and Staging.
I can't make it work on Production: the Web API seems ok, I can call it from the browser or Postman.
But I can't reach it from my web app. This is the error from the log when it tries to make a call:
info: System.Net.Http.HttpClient.IApiClient.ClientHandler[100]
Sending HTTP request GET https://webapi.****.it/inetApi/api/links
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
An unhandled exception has occurred while executing the request.
System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.
System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host.
--- End of inner exception stack trace ---
Staging and Production are both Windows server 2019 machines with IIS10 web server.
Staging has a single website where both the Web API and the web app run as applications:
Web-t.****.it/inetApi
Web-t.****.it/inetW
Production VM has two website, one is supposed to be for internal web apps and the other for APIs:
webapi.****.it/inetApi
intranet.****.it/inetW
We made this VM from the scratch, it's new, there aren't any other application or websites on it.
I already tried to move the Web API application into the same website of the web app to see if that could be the problem, but it doesn't.
I tried to force the web app to use TLS as security protocol using this in my startup.cs:
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
But it only change the error:
info: System.Net.Http.HttpClient.IApiClient.ClientHandler[100]
Sending HTTP request GET https://webapi.****.it/inetApi/api/links
fail: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware[1]
An unhandled exception has occurred while executing the request.
System.Net.Http.HttpRequestException: An error occurred while sending the request.
System.Net.Http.WinHttpException (80072EFF, 12030): Error 12030 calling WINHTTP_CALLBACK_STATUS_REQUEST_ERROR, 'The connection with the server was terminated abnormally'.
at System.Threading.Tasks.RendezvousAwaitable`1.GetResult()
at System.Net.Http.WinHttpHandler.StartRequestAsync(WinHttpRequestState state)
--- End of inner exception stack trace ---
So I tried to call the production Web API from the web app on staging or development, and it works.
Then I tried to use the web app on Production with the staging Web API... and it works too!
This is driving me nuts.
It's like everything in production is working individually, but not together.
I have grants to do everything I need on the VMs... but I'm a developer (and not very good at dealing with systems), and I can't ask much help to the sysadmins because they are overwhelmed in this period.
Any ideas?
According to the Transport security Best practice, as much as possible not to specify the SSL version during the establishment of SSL connection. Just let the OS decide on the SSL protocol version.
https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls
There might be something wrong with the validation process of the SSL certificate installed on the server-side. As you know, SSL communication requires the trust relationship between the client-side and the server-side, therefore I would like to know how you specify the certificate for your WebAPI project. have you established the trust relationship between the client-side and the server-side? namely, install the service certificate on the client-side. As to explain how it works properly in the development and Staging environment, Http Get request doesn't represent something, please try an Http Post request.
Besides, the SSL protocol requires the DotNet framework/OS support, try to install a high version DotNet framework.
Feel free to let me know if you get something new afterward.
HTTP Error 502.3 - Bad Gateway
There was a connection error while trying to route the request.
Most likely causes:
•The CGI application did not return a valid set of HTTP errors.
•A server acting as a proxy or gateway was unable to process the request due to an error in a parent gateway.
Things you can try:
•Use DebugDiag to troubleshoot the CGI application.
•Determine if a proxy or gateway is responsible for this error.
Detailed Error Information:
Module
AspNetCoreModule
Notification
ExecuteRequestHandler
Handler
aspNetCore
Error Code
0x8007000d
Requested URL
http://localhost:15536/
Physical Path
C:\Users\HenryP\Desktop\NopCommerce_4.2.0\src\Presentation\Nop.Web
Logon Method
Anonymous
Login User
Anonymous
More Information:
This error occurs when a CGI application does not return a valid set of HTTP headers, or when a proxy or gateway was unable to send the request to a parent gateway. You may need to get a network trace or contact the proxy server administrator if it is not a CGI problem.
View more information »
It seems this is not CGI issue. Newest nopCommerce version run on .net core version and require Full Trust. And my experience used Godaddy in the past that they didn't support Full Trust, so you can't install nopCommerce on their platform. You better contact their support team or you can ask this issue on nopCommerce forum. But, it seeems that nopCommerce can't run well on Godaddy platform. If you use nopCommerce, I recommend you can check Asphostportal.
According to your description, this is a generic error for when IIS can't find the specified .NET Core components ,and doesn't know where to forward requests.So i suggest you to check once you select asp.net or asp.net core while creating your site
I have deployed my service fabric stateful api created using default Dotnet framework template in the azure cluster. When I tried to access the api getting below error.
{"Error":{"Code":"E_INVALIDARG","Message":"Invalid argument"}}
However this working fine in my local cluster.
below my api url
https://svfab03test.centralus.cloudapp.azure.com:19080/891d72b6-06cd-4dbf-a6b8-8ee1f4382045/131818608371580228/23f6df71-2458-4e5e-bdfd-76ba47ea8f46/api/values
I have tried like this also but getting the same error
https://svfab03test.centralus.cloudapp.azure.com:19080/PublishTestSF/PublishTestAPI/api/values
Can someone please help
Unless you have changed the defaults configuration, Service Fabric Reverse Proxy by default runs on port 19081, not 19080, the port 19080 is used by the gateway to
provide to access service fabric explorer.
You should try: https://domain:19081/appName/servicename/apipath
if they are stateful, you should pass ?PartitionKey=<key>&PartitionKind=<partitionkind>
Please see the docs in here:
https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-reverseproxy
The problem is as follows:
We have a SOAP API running behind TLS1.2 and SNI
Our main software is stuck on JDK6 where it is basically impossible to connect to a server using SNI
We need to use Axis 1.4 for SOAP calls
We have set up a simple Apache Proxy rerouting calls to http://proxyIP/foo to https://mainIP/
The proxy works like a charm when tested manually or in a browser.
However, using Axis to do the required SOAP calls fails with an Exception:
Unrecognized SSL message, plaintext connection?
What could cause this and how could we fix this?
Every idea is appreciated.
It is advised that asp net core must use a strong web server such as web listener
or a proxy as an internet gateway. My question is: is the build in reverse proxy strong enough to be that role? If I use asp net core + kestrel in my internal service and all external communication goes through reverse proxy after load balancer, is it secure?
Short answer: no
It's just a proxy with some smart retry logic.
You want to put a WAF, or Azure API manager, in front of it if you want to publish all your internal services to the internet and use kestrel, or use web listener for all your services.
Yes.
"The reverse proxy is built on the same Windows HTTP Server API (http.sys) that WebListener uses which provides the DoS protection that is currently missing from Kestrel." - Vaclav Turecek (github)