jhipster gateway: Error during WebSocket handshake: Unexpected response code: 403 - jhipster-gateway

Used jhipster to create gateway. I use UAA for authorization. I didn't change any settings. Getting an error :( Maybe I need to add something else that wasn't done in the generation process?
URL: wss://**.com/websocket/tracker/883/jj2yk045/websocket
Cookie with access_token, session_token and XSRF-TOKEN.
Message: Error during WebSocket handshake: Unexpected response code: 403

The app was started with TLS disabled. This uses Nginx. After TLS enabled work fine.

Related

iOS App Fails ATS system trust when https is enabled

I have an iOS App that I am compiling in Xcode 11.2.1. I am running MacOS Catalina 10.15.6.
My app consumes a Web Service that works fine when called unsecured over http.
I am now busy implementing security and we have bought a wildcard certificate from digicert and installed it on our API server. I have run the SSLLabs Server Security Test and the server gets an A-grading so all seems fine. We have updated the Android version of the app to use https instead of http and it is working fine. When I access the https endpoints from a browser it works fine and I don't get any security warnings or errors.
However, if I change from http to https and build and run the iOS App I get TLS errors. (I am calling the web service using URLSession and I am using Swift). I am putting a relevant section of the error log below to show the -9802 and -1200 errors I am getting.
ATS failed system trust
Connection 1: system TLS Trust evaluation failed(-9802)
Connection 1: TLS Trust encountered error 3:-9802
Connection 1: encountered error(3:-9802)
...
finished with error [-1200] Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo={NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x600001082b50>, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, NSErrorPeerCertificateChainKey=(
I found https://support.apple.com/en-us/HT210176 and I was wondering if it is perhaps an issue that the "Subject Alternative Name" in our cert is our wildcard domain "*.domain.com" whereas the url we are connecting to is "myapi.domain.com". Could that be the problem? What else could I be missing?
In case someone else stumbles upon this...we ended up adding the specific subdomain we're calling in the API from our app to the "Subject Alternative Names" field on the certificate. So instead of just having "*.mydomain.com" in the Subject Alternative Names, we included both "myapi.domain.com *.mydomain.com". After we deployed this certificate to the server and we again tried calling myapi.domain.com from our app, the error went away and everything worked. (For those worried that this requires the purchase of a new certificate...it doesn't. It's quite possible to get such a copy of your certificate without having to buy a different one. Just check the documentation of the certificate issuer you are using.)

Web Socket failed during Handshake in SignalR application

I am trying to run my signalR application but i am getting the following error : "
WebSocket connection to
'ws://localhost:60377/signalr/connect?transport=webSockets&clientProtocol=2.1&connectionToken=f8tOcpqdXVZ245%2BvWKsSFHaGfl6GePMtKf0Jk9wSIJQxsa5KnEiZFyGoFgYuwbQ%2FirsDjiX%2FHtVRJAvhvmOtrvYJpaZD21GHiyyqBw785nI2TICxJ4P33puQnEnjGSlMpmMBxtNk02XxkTJpZxvClw%3D%3D&connectionData=%5B%7B%22name%22%3A%22geologuehub%22%7D%5D&tid=4'
failed: Error during WebSocket handshake: Unexpected response code:
500"
I would appreciate any help to fix this problem.
Adding the a list of fall-back transports on the javascript fixed the problem. it is weird because i am using googleChrome (Version 77.0.3865.90) and the web socket is not supported!!
$.connection.hub.start({ transport: ['serverSentEvents', 'longPolling'] }).done(function ()
{
console.log(`SignalR connection transport used is "${$.connection.hub.transport.name}"`);
});
This can happen when:
Your hub is not an public class.
Your server can't instantiate the hub.
You'r making an https connection when your server runs on http and vice-versa.

J-Meter, Load on server using POST REST API with HTTP call is working perfectly but missing few calls with HTTPS

i am using j-meter for load test of a server accessing REST api using POST Https. and it is returning following errors.
Response code: Non HTTP response code: java.net.SocketException
Response message: Non HTTP response message: Connection reset
or
Response code: Non HTTP response code: java.net.SocketException
Response message: Non HTTP response message: Unrecognized Windows Sockets error: 0: recv failed
or
Response code: Non HTTP response code: java.net.ConnectException
Response message: Non HTTP response message: Connection timed out: connect
though load test is successful with http call.
can any one help me to tell the exact issue? whether it is server side issue or client side?
how to fix this?
It might an issue with IPv6 stack, try forcing JVM to use IPv4 addresses by adding the next line to system.properties file (located in "bin" folder of your JMeter installation)
java.net.preferIPv4Stack=true
alternatively you can pass the above property via -D command-line argument like:
jmeter -Djava.net.preferIPv4Stack=true -n -t test.jmx -l result.jtl
More information:
Java Networking Properties
JMeter Properties Reference
Apache JMeter Properties Customization Guide
Overriding Properties Via The Command Line
It might also be a case of using port below 1024 on Windows as non-administrator user, try configuring your application server to run on port above 1024 (default port for HTTPS is 443). Also double check that port 443 (or whatever) is not being used by anything else (for example Skype likes to bind to port and 443)
Issue is resolved by changing the SSL configuration in jmeter.properties file.
it was due to the mismatch of handshaking protocol at server and client side.
jmeter was set with all SSL flavors to handshake with server.
its the trick.

503, Service Unavailable error was encountered while trying to use an ErrorDocument to handle the request

Sometimes the following error appears:
Service Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Additionally, a 503 Service Unavailable error was encountered while trying to use an ErrorDocument to handle the request.
How can I fix it?

502 Bad Gateway: Registered endpoint failed to handle the request

I am using this link: http://blog.ibmjstart.net/2015/08/10/drupal-container-on-ibm-bluemix/ to install a Drupal application. But when I try to start the application this message displays: 502 Bad Gateway: Registered endpoint failed to handle the request.
What do I have to change to prevent the 502 error?

Resources