Using data flow with https on cloud foundry - spring-cloud-dataflow

I am trying to deploy a Data Flow server on Cloud Foundry and create a simple app.
Only an HTTPS endpoint can be exposed. I cannot enable HTTPS using this:
http://docs.spring.io/spring-cloud-dataflow/docs/current-SNAPSHOT/reference/htmlsingle/#configuration-security-enabling-https
as SSL is managed by CF. How do I make the Data Flow server use HTTPS?
I have this error:
dataflow:>app list
Command failed org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://dataflow-server.run.aws-usw02-pr.ice.predix.io/apps": Connect to dataflow-server.run.aws-usw02-pr.ice.predix.io:80 [dataflow-server.run.aws-usw02-pr.ice.predix.io/54.201.89.124, dataflow-server.run.aws-usw02-pr.ice.predix.io/52.88.128.224] failed: Connection refused (Connection refused); nested exception is org.apache.http.conn.HttpHostConnectException: Connect to dataflow-server.run.aws-usw02-pr.ice.predix.io:80 [dataflow-server.run.aws-usw02-pr.ice.predix.io/54.201.89.124, dataflow-server.run.aws-usw02-pr.ice.predix.io/52.88.128.224] failed: Connection refused (Connection refused)
Thanks in advance.
Best Regards

As you already mentioned, you cannot enable HTTPS at the container level inside Cloud Foundry today. The traffic between the router and the Diego cell is not encrypted (unless you are using IPsec).
So your Data Flow server would not be configured with HTTPS; just deploy the server as it is. You should rely on your Cloud Foundry install to have an open port at 443 on its load balancer that forwards traffic to the router. Later CF incarnations support certificate placement at the router level.
Now, at the client (dataflow-shell), if you are using a valid certificate you don't need to do anything, but if you have a self-signed certificate, you need to tell it to accept self-signed certificates, or skip validation altogether.

Related

Can you use a JHipster reactive gateway with Okta behind a corporate proxy?

We have a gateway generated through JHipster that we cannot get working on production (Rancher or AWS). Our company has a server proxy that we need to get through to connect to Okta. It does not appear that WebFlux will allow us to supply our server proxy, so we get "connection refused" errors.
Has anyone run into this? Is there a workaround?
Edit:
Working fine on local.

Unable to connect to OpenVPN client in Docker

I have tried to set up an OpenVPN client under docker, using the dperson/openvpn-client image. I get the following error:
UDPv6: Address not available (code=99)
When googling this problem, I've come across this discussion, but I'm not sure how to look at the client and server logs separately.
I have the full logs on pastebin here
I am able to get the IP of my home address inside the container, but not the IP from the VPN. I appreciate any help!
The problem here is that the TLS handshake fails.
I extracted this from your logs:
TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed
Make sure your server is set up correctly.

SignalR connection forcefully closed when sending request to AWS Elastic Beanstalk

At the beginning of the project I used HTTP to connect to EC2 directly by IP address, not domain name, and it connected fine and worked fine for my C# client and web client that connected to EC2 through the IP address.
Recently I added HTTPS to my load balancer and configured all EC2 with HTTPS security groups, and there the trouble started.
The SignalR web client with HTTPS and IP address connects fine on EC2, but the C# client with HTTPS and IP address is not connecting. The C# client throws the connection close method continuously.
To solve that I changed my connection URL from the IP to the Elastic Beanstalk domain name for the C# client and SignalR connected, but the following things happen.
1) The first time I connect with the Beanstalk domain name, it responds with a 400 header error on connection establishment and the server also replies with data from the database, so the first time the connection is established.
2) After the server's reply I invoke another method of the server; at that time an error occurs stating that the connection is disconnected, please start the connection before making a request to the server.
3) In SignalR there is a connection close method that is invoked if the connection has been closed, and it is not being invoked.
4) I have searched my query on the Internet and found that we have to configure the socket connection on Beanstalk, as they have the same issue with nginx. I am using IIS and there is no particular answer for that.
5) I have tried to connect directly on the EC2 instance domain name, but SignalR did not establish a connection and directly fired the connection close method without any error or warning.
6) In my network configuration I have enabled inbound ports 443 and 80. If I make a request from my browser to that domain URL of Beanstalk or EC2, it works fine.
If you have any idea how to configure sockets on AWS EC2 or Elastic Beanstalk, it might help to solve this problem.

Guacamole not able to connect to either VNC or RDP

I set up a Guacamole server on Ubuntu 16.04. I tried to set up a connection to a VNC server on the same machine and always got errors. I tried with RealVNC Xvnc11 TightVNC, and even with RDP. No luck. The error messages in the log files were:
Creation of WebSocket tunnel to guacd failed: Non-numeric character in element length.
Creation of WebSocket tunnel to guacd failed: java.net.ConnectException: Connection refused (Connection refused)
An internal error has occurred within the Guacamole server
not a valid RFB client
webSocketsHandshake: invalid client header
Any idea what it could be?
The problem was that I was saving the VNC connection settings in the GUACAMOLE PROXY PARAMETERS (GUACD). I set port 5901, which is not the correct guacd port.
I left this empty and everything worked!
For RDP, use the RDP encryption select option.
It worked for me.

"Failed to connect to api.twilio.com port 443: Connection refused" error

I've disabled SSL Certificate Validation under General Settings because my WordPress site is using HTTP.
But I am still getting "Failed to connect to api.twilio.com port 443: Connection refused" on live and test credentials.
I've also purged caches on the browser.
I am using the guide from https://www.twilio.com/blog/2017/08/send-sms-wordpress-php-plugin.html.
Does the setting take time to remove the SSL certificate validation, or what else could go wrong?
Answered by Twilio support: "All connections to the Twilio API endpoints must use HTTPS and so if you have no SSL Cert for your WordPress website it will refuse the request. You will need to get an SSL Certificate for your website in order to call the API endpoints from your WordPress site/domain. Disabling SSL Certificate Validation setting on Twilio dashboard is for calls from Twilio to your servers, not the other way around."
I am also facing the same challenge while doing a POC to send SMS using Twilio. This is the exception that I am getting.
Exception in thread "main" com.twilio.exception.ApiException: Connect to api.twilio.com:443 [api.twilio.com/54.209.184.12, api.twilio.com/52.45.186.111, api.twilio.com/52.4.111.215, api.twilio.com/52.5.142.82, api.twilio.com/54.165.83.5, api.twilio.com/54.84.239.1, api.twilio.com/52.45.52.233, api.twilio.com/52.72.204.95] failed: Connection refused: connect
at com.twilio.http.NetworkHttpClient.makeRequest(NetworkHttpClient.java:128)
at com.twilio.http.HttpClient.reliableRequest(HttpClient.java:42)
at com.twilio.http.HttpClient.reliableRequest(HttpClient.java:25)
at com.twilio.http.TwilioRestClient.request(TwilioRestClient.java:42)
at com.twilio.rest.api.v2010.account.MessageCreator.create(MessageCreator.java:402)
