I used the official jupyter/datascience-notebook:latest image to setup a Jupyter Notebook, and enabled SSL by adding the following 2 lines in .jupyter/jupyter_notebook_config.py (with certificate keys and certs copied to the right place).
c.NotebookApp.certfile = '/home/jovyan/.jupyter/server.crt'
c.NotebookApp.keyfile = '/home/jovyan/.jupyter/server.key'
I also did the following settings on the file:
c.NotebookApp.ip = '*'
c.NotebookApp.open_browser = False
After that, I'm getting the following SSL error on Jupyter server every 15 seconds:
[W 2022-11-26 08:37:44.071 ServerApp] SSL Error on 43 ('127.0.0.1', 33610): [SSL: HTTP_REQUEST] http request (_ssl.c:997)
It seems that some process within the docker container is sending an HTTP request to Jupyter server regularly.
My question:
What is the HTTP request being sent, and is there a way I can stop it?
If I cannot stop that http request, can I at least ask it to generate https instead of http?
Thanks a lot!
Related
I'm running a Docker MERN stack on CentOS 7 with WHM, CPanels and Apache, everything works fine until I reboot the server. I get the following error on the webpage:
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request
Reason: Error reading from remote server
Additionally, a 502 Bad Gateway error was encountered while trying to use an ErrorDocument to handle the request.
After searching around stackoverflow I found that if I run this command my problem is solved:
iptables -t filter -F
My question is, whats causing my problem? How do I configure my server so I don't need to run this command everytime my server reboots? Do I make a script to run this command everytime it restarts? Do I configure iptables?
Just to answer my own question, I was dumb and forgor to open proper outbound ports, I only opened inbound ports.
I have tried to set up an OpenVPN client under docker, using the dperson/openvpn-client image. I get the following error:
UDPv6: Address not available (code=99)
When googling this problem, I've come across this discussion, but I'm not sure how to look at the client and server logs separately.
I'have the full logs on pastebin here
I am able to get the IP of my home address inside the container, but not the IP from the VPN. I appreciate any help
!
The problem here is that the TLS handshake fails.
I extracted this from your logs:
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
Make sure your server is setup correctly.
In the past I've used ngrok to test twilio webhooks on my local machine - it's always worked. I'm working on a new app that uses Co-Pilot (not sure if it has anything to do with co-pilot) and I'm getting the 11210 error: HTTP bad host name.
I initialize my tunnel with /Applications/ngrok http -host-header=rewrite local.whicheversiteimworkingon.com:80
The URL listed in the Message Text is http://fcd0ed57.ngrok.io/sms/twilio/incoming but the body shows
Twilio was unable to fetch content from: https://local.thesiteimworkingon.com/sms/twilio/incoming
Error: Unknown host local.thesiteimworkingon.com
Account SID: AC5a22f090b458f6942da879d347451dfd
SID: SM9c45741b5b70967df6a7e196e3bee552
Request ID: 9fde222c-14e1-448e-ad79-4a392d212ffd
Remote Host: local.thesiteimworkingon.com
Request Method: POST
Request URI: https://local.thesiteimworkingon.com/sms/twilio/incoming
SSL Version: TLSv1.2
URL Fragment: true
Unfortunately I don't have an example of this from when it was working - it's been months (maybe 12+) since I've had to do this.
[Update] I've confirmed this happens with co-pilot and regular numbers, starting to think it's environment related.
Have I misconfigured something in order to test this locally?
Can you try the https ngrok instead of http?
Twilio developer evangelist here.
It may be to do with the application server you are using expecting a different host name. When you start Ngrok, you can pass the --host-header flag to rewrite the host header for your application.
ngrok http 3000 --host-header=rewrite local.domain.com
Let me know if that helps at all.
i am using j-meter for load test of a server accessing REST api using POST Https. and it is returning following errors.
Response code: Non HTTP response code: java.net.SocketException
Response message: Non HTTP response message: Connection reset
or
Response code: Non HTTP response code: java.net.SocketException
Response message: Non HTTP response message: Unrecognized Windows Sockets error: 0: recv failed
or
Response code: Non HTTP response code: java.net.ConnectException
Response message: Non HTTP response message: Connection timed out: connect
though load test is successful with http call.
can any one help me to tell the exact issue? whether it is server side issue or client side?
how to fix this?
It might an issue with IPv6 stack, try forcing JVM to use IPv4 addresses by adding the next line to system.properties file (located in "bin" folder of your JMeter installation)
java.net.preferIPv4Stack=true
alternatively you can pass the above property via -D command-line argument like:
jmeter -Djava.net.preferIPv4Stack=true -n -t test.jmx -l result.jtl
More information:
Java Networking Properties
JMeter Properties Reference
Apache JMeter Properties Customization Guide
Overriding Properties Via The Command Line
It might also be a case of using port below 1024 on Windows as non-administrator user, try configuring your application server to run on port above 1024 (default port for HTTPS is 443). Also double check that port 443 (or whatever) is not being used by anything else (for example Skype likes to bind to port and 443)
Issue is resolved by changing the SSL configuration in jmeter.properties file.
it was due to the mismatch of handshaking protocol at server and client side.
jmeter was set with all SSL flavors to handshake with server.
its the trick.
From the documentation found here: https://books.sonatype.com/nexus-book/3.0/reference/docker.html
I can conclude that I cannot create a private docker registry unless I expose it through https.
Docker relies on secure connections using SSL to connect to the repositories. You are therefore required to expose the repository manager to your client tools via HTTPS. This can be configured via an external proxy server or directly with the repository manager. Further details can be found in Section 5.9.4, “Inbound SSL - Configuring to Serve Content via HTTPS”.
I have done all these steps (using reverse-proxy on https://localhost:5001 forwarding to nexus proxy registry with http connector). However now that I want to start pulling from my local registry, I cannot find a way to access it through https.
The following command which is describe here: https://docs.docker.com/engine/reference/commandline/pull/#pull-from-a-different-registry
docker pull localhost:5001/hello-world
returns:
Error response from daemon: error parsing HTTP 400 response body: invalid character '<' looking for beginning of value: "\n\n400 Bad Request\n\nBad Request\nYour browser sent a request that this server could not understand.\nReason: You're speaking plain HTTP to an SSL-enabled server port.\n Instead use the HTTPS scheme to access this URL, please.\n\n\n"
and when I try this:
docker pull https://localhost:5001/hello-world
I get:
invalid reference format
The solution to this is:
either having a valid SSL certificate for the proxy you re accessing the repository through
or
creating a self-signed certificate and manually inserting it in the Windows Trusted root authorities certificates
of the computer you want to access the registry from.
This should resolve any issues and relevant messages. Try accessing https://proxyUrl:5000/v2 and you should now be getting a different message than before as well as be able to pull and push to the registry.