Enable Remote SSL on Weblogic - ssl

I've enabled SSL Listen Port from the Admin Console of Weblogic 11g Version: 10.3.6.0
I've created a self-signed cert following: https://oracle-base.com/articles/11g/weblogic-configure-ssl-for-a-managed-server
But when try https on the browser of a remote machine I get a timeout.
If I try from the local machine using: curl -Ik I get the proper response, it seems that only remote access is disabled.
Accessing via http works fine from my remote machine browser. I did also try telnet but it only works with 7001 but not with 7002 (my secure port). I've already tried changing the secure port number but the result is the same.
My Weblogic server is on a Centos running on VMware ESXi.
What could be blocking the remote SSL connection?

A timeout indicates a firewalling of some sort. As you say yourself if you try locally with curl it works. There is nothing else to check if locally you can but remotely you get a timeout.

Related

Gitlab change ssh port (ubuntu 22.04 LTS, gitlab-ce 15.8.1)

I'm running my own gitlab server on Oracle Cloud
and its Domain handled by Cloudflare
But my gitlab ssh cloning doesn't work at all.
(as far as I can remember, HTTP 413 curl 22 The requested URL returned error: 413)
(And It also happened port 22 network unreachable error)
I think other process hold 22 port, so I tried to change gitlab ssh port to other port.
Changed gitlab.rb (gitlab_shell_ssh_port to other)
Open Oracle Cloud VCN port,
Open Ubuntu Firewall(ufw allow and also tried iptables)
And Add other port on sshd (/etc/ssh/ssh_config)
disable cloudflare DNS Proxy to DNS only.
but It doesn't work and even port is inaccessible.
more than that nothing listen on that port.
what should I do more on this?

Reverse SSH tunneling with not localhost

I have local computer and remote server. Remote server is isolated and is only accessible with this computer. I want to connect to site from server, let it be https://example.com/site
I tried to make a tunnel via ssh -R 6761:example.com:80 remote-server. But when I am trying to use wget http://localhost:6761/site on the remote server - it doesn't work and show 404 whilst wget http://example.com/site working well on local computer.
What I am doing wrong?
You cannot tunnel HTTP that way.
The name of the server you are trying to reach will be included in the request (the Host header), but it will most likely only listen to example.com, not localhost.
You will need to set up a HTTP Proxy (Forward Proxy) on your local machine and tell your http client(s) to use that. (How depends on the client.)

apache mina FTPS on remote requets not works

For the Apache MINA FTP Server SSL FILTER configuration : I tried everything and I read more than 50 posts on stackoverflow to find the error. But still no solution.
Problem Is that,
When the SSL Filter Enabled for the Apache MINA FTP, it is working on server side and at the Server Locally FileZilla Client Can Access to server over implicitSSL it works without problem.
I allowed the 21 port and passive ports over firewall for all ips.
But when the remote client wants to access to the server, SERVER getting request but session.write not works then MINA can not switch to USER exec, SO REMOTE client can not connect FTP server.
But when I disable implicitSSL mode on SERVER side, CLIENT can connect . SO, without SSL, Client Connect Remote SERVER. It is tricky But WHY, what is the problem.
If the problem is firewall , why the client connects when I disable implicitSSL.
If the CODE is or configuration is the problem, WHEN I enable implicitSSL =true, WHY local SERVER filezilla application can connect to server over implicitSSL.
**
Please help.
**

Not able to reach managed server over ssl (https)

I am able to reach my weblogic console over https connection but when I try to launch developer console that is setup as a managed server in the weblogic domain, it fails. However, I can reach the dev console over http port without any issues.
I checked the validity of certs installed my keystore and configured to enable ssl port in managed servers. I am not sure what I am missing here. Please advice if I am missing any additional checks/setups.
For eg,
http://<XXX.cname.com>:9005/console - works on http
https://<XXX.cname.com>:9009/edq - does not work on https
I verified from console that ports are right and ssl ports are enabled.

Kurento Hello World, not returning loopback

I am trying to setup the basic hello world example.
I am using a t2.micro instance with Ubuntu 14.04 LTS and I have the github code for the example on my local machine.
The url I am using is:
https://localhost:8443/index.html?ws_uri=wss://ec2INSTANCE:8888&ice_servers=[{"urls":"stun:stun.l.google.com"}]#
I do not have the stun or turn configured on the server, but it should be ok since I am passing the stun server to use in the url.
Any advice on this?
I just checked my console and I see this, even though port 8888 is open in AWS Security group that this instance is in
VM8812:35 WebSocket connection to 'wss://ec2Instance:8888/' failed: Error in connection establishment: net::ERR_CONNECTION_CLOSED
I was able to get past the issues that I was seeing
Follow basic instructions on a fresh EC2 (Ubuntu 14.04 LTS), using http://doc-kurento.readthedocs.io/en/stable/installation_guide.html
Add a STUN server in conf
Using stun:173.194.66.127:19302
Tested with http://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
Secure WS to use WSS, which is required due to HTTPS requirement since Chrome 47, using http://doc-kurento.readthedocs.io/en/stable/mastering/securing-kurento-applications.html#configure-javascript-applications-to-use-https
Uncomment secure section of /etc/kurento/kurento.conf.js
Create the self signed certificate, and placed in /etc/kurento
Go to https://ec2InstanceUrl:8433/kurento and accept insecure connection
Go to example https://ec2InstanceUrl:8443
You must verify that your STUN server is working by seeing something similar to the below image, with the srflx under Component Type.