Issue I’m developing a flask app in which I’d like to send error level logging to an email address. I tried setting up the typical error handler: mail_handler = SMTPHandler(mailhost=(app.config[‘MAIL_SERVER’], app.config[‘MAIL_PORT’]), fromaddr=app.config[‘MAIL_FROM_EMAIL’], toaddrs=[‘me@my_address.com’], subject=’The server died. That sucks… :(‘, credentials=(app.config[‘MAIL_USERNAME’],
Continue readingTag: ssl
cert-manager did not get expected response when querying endpoint, expected <token> but got: <html xml:lang=\"fr-FR\" l… (truncated)"
Issue I have configured a ClusterIssuer apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-cluster-issuer spec: acme: email: <myemail> server: https://acme-v02.api.letsencrypt.org/directory privateKeySecretRef: name: letsencrypt-cluster-issuer-key solvers: – http01: ingress: class: nginx and An Ingress apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: letsencrypt-cluster-issuer kubernetes.io/ingress.class:
Continue readingGKE Ingress for HTTPS and LoadBalancer for TCP on same backend?
Issue The usecase is this: I have a RabbitMQ cluster with STOMP over websocket. The websocket uses SSL (wss:x.x.x.x). I have an Ingress set up to handle the certificates. It forwards the traffic to internal port 15674. The RabbitMQ also
Continue readingK8S traffic to one service via two separate ingress (http + https)
Issue So I have a bunch of services running in a cluster, all exposed via HTTP only ingress object, example: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: nginx.ingress.kubernetes.io/rewrite-target: /$2 name: some-ingress spec: ingressClassName: nginx rules: – http: paths: – backend: service:
Continue readingHow to configure tls with traefik in kubernetes using yaml?
Issue I am having trouble exposing a service over http and https using traefik 2.9 in Kubernetes. The http endpoint kinda works, I introduced CORS errors somehow once I tried to add https but that is not my main concern.
Continue readingkubernetes ingress not accepting the self signed ssl
Issue My kubernetes ingress is not accepting the self signed certificate and instead when opening the url on firefox the Kubernetes Ingress Controller Fake Certificate is added. All the things done locally on pc with minikube in Kali Linus. Kali
Continue readingStrongloop Heroku Postgres setup SSL error
Issue I am new to the world of Node.js, and have setup an app running on Heroku(free) using StrongLoop. I setup the heroku postgresql addon (free tier), and tried to add the datasource to StrongLoop’s arc composer UI. This UI
Continue readingAngular 13 https
Issue I generated a certificate using certbot. And as a result , I received such files: cert.pem chain.pem fullchain.pem privkey.pem How to make angular 13 work over https? Solution To run ng serve with custom certificate: ng serve –ssl –ssl-key
Continue readingSimpleSAMLphp Unable to validate Signature error
Issue SimpleSAML_Error_Error: UNHANDLEDEXCEPTION Backtrace: 0 simplesamlphp/www/module.php:189 (N/A) Caused by: Exception: Unable to validate Signature Backtrace: 6 simplesamlphp/lib/SAML2/Utils.php:149 (SAML2_Utils::validateSignature) 5 simplesamlphp/lib/SAML2/Assertion.php:494 (SAML2_Assertion::validate) 4 simplesamlphp/modules/saml/lib/Message.php:185 (sspmod_saml_Message::checkSign) 3 simplesamlphp/modules/saml/lib/Message.php:560 (sspmod_saml_Message::processAssertion) 2 simplesamlphp/modules/saml/lib/Message.php:532 (sspmod_saml_Message::processResponse) 1 simplesamlphp/modules/saml/www/sp/saml2-acs.php:81 (require) 0 simplesamlphp/www/module.php:144 (N/A) I’m getting an error
Continue readingNginx 2 different domains on one server
Issue I’d like to know how to configure nginx to get 2 domains working on one server (1 ip address). I want to setup a Keycloak SSO next to a bookstack instance. My issue is that when I want to
Continue readingCAS service ticket validate failed
Issue I have followed a link http://lukesampson.com/post/315838839/cas-on-windows-localhost-setup-in-5-mins, then the cas server works correctly, the login url is http://10.1.1.26:8080/login, the validate url is http://10.1.1.26:8080/serviceValidate. Then I tested it like below: call http://10.1.1.26:8080/login?service=http://10.1.1.9:8081/default.aspx I get the service ticket successfully, such as ST-9-pJ5UDxqKIHP2zuN3JGe4-cas
Continue readingWebLogic 10.3.4 wildcard certificate import
Issue I have a local environment with WebLogic 10.3.4 and and .ear app deployed on it. This app must communicate with external services via REST APIs. These external services are exposed in https and use wildcard certificates. I receive the
Continue readingAngular web app routing within Juniper SSL VPN
Issue Currently I am working on a simple web app, using AngularJS. During the development process, I tested it while the app was locally served by IIS. However, when I deployed it on a company web server and ran it
Continue readingNginx reverse proxy works fine with Safari and Firefox but doesn't work with Chrome
Issue I use Nginx as reverse proxy to forward my Https request to backend server (which runs in Http protocol with port 7654 in the same server). Everything works well in Safari and Firefox, but Chrome throws an error. Chrome
Continue readingSSL error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca:SSL alert
Issue I’m trying to setup Nginx reserve proxy which redirect to a specific host that requires certificate for proper functionality. But I get this error when I hit the endpoint from the browser: 2020/11/05 19:55:21 [error] 6334#6334: *111317 SSL_do_handshake() failed
Continue readingNginx: What does 'upstream disconnected' log means?
Issue I tried TLS connection from <10.220.17.192> to the external server(10.220.224.126) via nginx through reverse proxying, but at the external server, the connection is going to TIME_WAIT instead of getting ESTABLISHED. From the nginx debug logs, I could see, "upstream
Continue readingNginx: What does 'upstream disconnected' log means?
Issue I tried TLS connection from <10.220.17.192> to the external server(10.220.224.126) via nginx through reverse proxying, but at the external server, the connection is going to TIME_WAIT instead of getting ESTABLISHED. From the nginx debug logs, I could see, "upstream
Continue readinglaravel websocket with nuxt and nginx reverse proxy returns 502
Issue Im running laravel 7 & trying to run laravel-websockets with nginx proxy using ssl. unfortunately after I configure everything Im facing WebSocket connection to ‘wss://www.rabter.com:6001/app/174e625ceea907e9e63c?protocol=7&client=js&version=4.3.1&flash=false’ failed: Error during WebSocket handshake: Unexpected response code: 502 Before implementing ssl everything was
Continue readingNGINX Reverse Proxy Configuration Structure
Issue Is there a "proper" structure for the directives of an NGINX Reverse Proxy? I have seen 2 main differences when looking for examples of an NGINX reverse proxy. http directive is used to house all server directives. Servers with
Continue readingInstalling godaddy ssl certificate to server : getting this below error when i restart service nginx
Issue nginx: [emerg] SSL_CTX_use_PrivateKey_file(“/etc/nginx/ssl/mydomain.key”) failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: ANY PRIVATE KEY error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib) #HTTPS server configuration server { listen 443; listen [::]:443; ssl on; ssl_certificate /etc/nginx/mydomain.chained.crt; ssl_certificate_key /etc/nginx/mydomain.key; root /var/www/html; server_name mydomain; location / { try_files $uri
Continue readingNginx `proxy_ssl_trusted_certificate` with letsencrypt upstream
Issue I’m trying to use a proxy_pass with nginx where the connection to the upstream server is encrypted. The certificate of the upstream server has been created by a letsencrypt certbot. # upstream server: nginx.conf stream { server { listen
Continue readingTwo layers of NGINX reverse proxies with ssl_client_verify on the second
Issue The project I’m working on is an application that is deployed onto a Kubernetes cluster and uses a smartcard PKI scheme for authentication. This cluster is shared between several applications and not all of these applications need (or even
Continue readingdocker serve content over https without domain (only with public IP Address)
Issue I have two different servers. At Server 1 I have a domain and a IP Address and at Server 2 I have only a public IP Address. At Server 1 I am hosting a webpage and at Server 2
Continue readingHow to Correct 'nginx: [emerg] "stream" directive is not allowed here'
Issue The Question Why does the following Nginx configuration return nginx: [emerg] "stream" directive is not allowed here in /etc/nginx/sites-enabled/default:1? Nginx Configuration… stream { map $ssl_preread_server_name $upstream { example.com 1051; } upstream 1051 { server 127.0.0.1:1051; } server { listen
Continue readingHow can I make nginx reverse proxy for localhost when connectd with IP address?
Issue I made reverse proxy on my nginx like this server { listen 80; server_name localhost; return 301 https://[my domein]$request_uri; } this works well, when I access http://xxx.xxx.xxx.xxx/index.html. My nginx redirect to https://[my domain]/index.html But, when I access https://xxx.xxx.xxx.xxx/index.html Chrome
Continue readingWhat will happen if a SSL-configured Nginx reverse proxy pass to an web server without SSL?
Issue I use Nginx to manage a lot of my web services. They listens different port, but all accessed by the reverse proxy of Nginx within one domain. Such as to access a RESTful-API server I can use http://my-domain/api/, and
Continue readingNginx SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share
Issue I got this error in nginx error log: SSL_do_handshake() failed (SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking I use Let’s Encrypt currently. Any ideas to solve this problem? Thank you, guys. Solution This isn’t your problem. The best
Continue readingInsomnia : Error: SSL peer certificate or SSH remote key was not OK
Issue I added my own certificate to a node.js express server for testing purposes. Then I attempted to contact the post from Insomnia, but I received an error message. Error: SSL peer certificate or SSH remote key was not OK
Continue readingUsing SSL/HTTPS with Motion Video Streaming
Issue Is it possible to create a secure connection using motion? I have embedded my motion stream on an HTML page using Apache, but it will not display as it is an insecure iframe on a secure page. I can
Continue readingnodejs – error self signed certificate in certificate chain
Issue I am facing a problem with client side https requests. A snippet can look like this: var fs = require(‘fs’); var https = require(‘https’); var options = { hostname: ‘someHostName.com’, port: 443, path: ‘/path’, method: ‘GET’, key: fs.readFileSync(‘key.key’), cert:
Continue readingDisable TLS 1.0 & 1.1 OR only use TLS 1.2 and greater in Node.js Express
Issue How can I block TLS 1.0 and TLS 1.1 on my Node.js Express server? I’m using a traditional server setup script: const app = express(); export const server = app.listen(3000); I’m slightly confused why I couldn’t find any documentation
Continue readingMeteor throwing "error: certificate has expired" errror even when setting NODE_TLS_REJECT_UNAUTHORIZED=0
Issue So since we are running our meteor on an old version, we have to disable the node tls rejection in order to get our environments to build. Do not explain to me how this is insecure please, we get
Continue readingSSL Certificate is unable to be verified when sending request to the same machine
Issue I have a remote Ubuntu machine running a node server with next.js and using next-auth for authentication. Everything works fine with HTTP locally. Configuration Here is the code that runs the node server on HTTPS and uses next.js. const
Continue readingRead expiration date and common name from SSL certificate using Node.js
Issue In an https-enabled Node.js I have the certificate as a .pem file. Now I would like to read some data from that file to have information about the certificate, such as its expiration date and the common name. As
Continue readingnginx reverse proxy Angular Node app mixed content http requests
Issue I’m dealing with nginx and node express server, the app used to works fine with reverse proxy over port 80 but the issue started when i installed a SSL with certbot over nginx, i’ve been trying also with https
Continue readingTypeScript tls.TLSSocket() complains about lacking a "socket" argument
Issue I’m mucking around building a very basic IRC bot, and am connecting to the IRC server using raw sockets. I’d written the bot in plain Javascript originally, and am redoing it in TypeScript, but have run into a bit
Continue readingIntermittent ERR_SSL_PROTOCOL_ERROR error for cross domain request
Issue The users of my website are seeing intermittent ERR_SSL_PROTOCOL_ERROR when making cross domain requests to api.flickr.com By intermittent I mean that I’ve seen this happen 4 times out of ~1200 requests to the api yesterday. Failed to load resource:
Continue readingInstalling an ssl certificate in order to serve a local web application?
Issue I need to install a local SSL certificate so that the browser trusts it. This tutorial has instructions for OS X and Windows, but not Ubuntu. https://medium.com/@rubenvermeulen/running-angular-cli-over-https-with-a-trusted-certificate-4a0d5f92747a For example these are the instructions for OS X: Double click on
Continue readingHow to run Angular e2e with SSL enabled?
Issue I have a pretty simple Angular sample project, with some end to end tests. I’m testing OAuth2 and OIDC flows in my end to end tests, and browsers behave quite differently with or without SSL/TLS enabled. So I’d like
Continue readingGet angular-cli to ng serve over HTTPS
Issue The following doesn’t seem to do anything. ng serve –ssl true –ssl-key <key-path> –ssl-cert <cert-path> Creating the Certificate and key by providing them in the default ssl directory still does nothing. It looks like ng server is completely ignoring
Continue readingAngular Calling Self-Signed External Services
Issue In Angular is there a way to call external self-signed HTTPS services either by passing or by attaching the certificate used by the external service? I’m not familiar with the Angular but there is an method in cURL library
Continue readingAngular HTTPS and HTTP requests to API
Issue I have certificated my angular app to run over https by adding ssl: true, sslKey: key, sslCrt: crt to my angular.json and I run via ng serve –ssl –host: 0.0.0.0 It works fine on https://localhost:4200 Problem is that it
Continue readingHow to fix curl: (60) SSL certificate: Invalid certificate chain
Issue I get the following error running curl https://npmjs.org/install.sh | sh on Mac OSX 10.9 (Mavericks): install npm@latest curl: (60) SSL certificate problem: Invalid certificate chain More details here: http://curl.haxx.se/docs/sslcerts.html How do I fix this? Solution Using the Safari browser
Continue readingParse x509 certificate string in node
Issue I need to parse an x509 certificate string using node.js (preferably natively via the crypto api). I need to do this so I can get an object which contains the certificate’s expiry date, so I know when to automatically
Continue reading