ApnsPHP Push different behavior on several servers with same PEM - ios

I am having a hard time tracing an issue and hope someone can help. We have a Joomla site along with ApnsPHP that is able to send push messages for one app already. We have a second app, using a different PEM. Only the first message is sent out, then there is no answer from the Apple push server and everything hangs until the timeout ends the request.
The same site is running on two other servers, one Windows and one OS X machine. Both do send out messages with the same code/PEM/tokens successfully. It is the client's OS X Mac Mini server which is failing.
This is what I get on the client machine:
Tue, 15 Dec 2015 17:02:55 +0100 ApnsPHP[42117]: INFO: Trying tls://gateway.push.apple.com:2195...
Tue, 15 Dec 2015 17:02:56 +0100 ApnsPHP[42117]: INFO: Connected to tls://gateway.push.apple.com:2195.
Tue, 15 Dec 2015 17:02:56 +0100 ApnsPHP[42117]: INFO: Sending messages queue, run #1: 1 message(s) left in queue.
Tue, 15 Dec 2015 17:02:56 +0100 ApnsPHP[42117]: STATUS: Sending message ID 1 [custom identifier: CYD-Badge-1] (1/3): 157 bytes.

Related

Unable to infer url for tomcat jdk11-openjdk-buster docker image

For a spring boot application I was using the docker image tomcat:jdk11-openjdk-buster from 24-Aug-2021 and the swagger-ui.html would load properly.
Today if I build the Dockerfile again with absolutely no changes to the code or Dockerfile, the swagger-ui.html gives,
The weird thing is if I do a curl -I http://xyzxyz.com/warfile/swagger-ui.html I still get 200
HTTP/1.1 200
Date: Fri, 17 Dec 2021 14:16:19 GMT
Content-Type: text/html
Content-Length: 3381
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Sun, 14 Jan 2018 16:12:50 GMT
I'm convinced something in the docker image has changed. My initial thought going through the issue list at https://github.com/docker-library/tomcat/issues/252 was maybe the http request is redirecting to https.
But if that were the case wouldn't curl give http 302 instead of a 200?
Is there a way I can know changes made to tomcat:jdk11-openjdk-buster image since August?
If it helps I use path based routing using AWS application load balancer, ECS service and container instance as environment
I checked the Dockerfile for tomcat:jdk11-openjdk-buster and realised the tomcat version has been upgraded from 9.x.x to 10.x.x which was causing my app to not run.
So had to change the base image to tomcat:9-jdk11-openjdk which will at least fix the Tomcat version to 9.x.x and openjdk to 11.x.x
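The answer above comes down to a base-image tag that names only the JDK and distribution, so the Tomcat major version behind it can change between builds. A small check for that, as an added example that is not part of the original posts; the sample Dockerfile, registry name and WAR path are constructed, and a numeric tag such as `9-jdk11-openjdk` still moves within its major version unless a digest is pinned:

```python
import re

FROM_RE = re.compile(r"^\s*FROM\s+(?:--\S+\s+)*(\S+)(?:\s+AS\s+(\S+))?\s*$", re.I)

def pin_level(ref):
    """Classify an image reference as 'digest', 'version' or 'floating'."""
    if "@sha256:" in ref:
        return "digest"                      # content-addressed, cannot change
    last = ref.rsplit("/", 1)[-1]            # drop registry[:port]/namespace
    tag = last.split(":", 1)[1] if ":" in last else "latest"
    # A tag that starts with a number fixes at least the major version of the
    # packaged software; a tag naming only JDK or distro variants does not.
    return "version" if re.match(r"v?\d+([.-]|$)", tag) else "floating"

def audit(dockerfile_text):
    """Return [(line_no, image_ref, level)] for every external base image."""
    stages, findings = set(), []
    for no, line in enumerate(dockerfile_text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        ref, alias = m.group(1), m.group(2)
        if ref.lower() not in stages and ref != "scratch":
            findings.append((no, ref, pin_level(ref)))
        if alias:
            stages.add(alias.lower())        # later FROM <alias> is not a pull
    return findings

# Constructed Dockerfile; the build stage image and WAR path are hypothetical.
SAMPLE = """\
FROM registry.example.com:5000/build/maven:3.8 AS build
FROM tomcat:jdk11-openjdk-buster
COPY --from=build /app/target/warfile.war /usr/local/tomcat/webapps/
"""

if __name__ == "__main__":
    for no, ref, level in audit(SAMPLE):
        print(f"line {no}: {ref} -> {level}")
```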

ChromeHeadless fails inside pipeline but not locally

I have an angular app that is using karma for tests. I am also using gitlab-ci to automate building and deploying the app.
Recently we wanted to add tests to the pipeline, using our own image with chrome.
Running it in the pipeline produces an error related to not being able to connect to the chrome process:
31 12 2018 10:58:36.116:INFO [karma]: Karma v1.7.1 server started at http://0.0.0.0:9877/
31 12 2018 10:58:36.121:INFO [launcher]: Launching browser ChromeKarma with unlimited concurrency
31 12 2018 10:58:36.134:INFO [launcher]: Starting browser ChromeHeadless
31 12 2018 10:59:36.146:WARN [launcher]: ChromeHeadless have not captured in 60000 ms, killing.
31 12 2018 10:59:36.163:INFO [launcher]: Trying to start ChromeHeadless again (1/2).
31 12 2018 11:00:36.223:WARN [launcher]: ChromeHeadless have not captured in 60000 ms, killing.
31 12 2018 11:00:36.236:INFO [launcher]: Trying to start ChromeHeadless again (2/2).
31 12 2018 11:01:36.296:WARN [launcher]: ChromeHeadless have not captured in 60000 ms, killing.
31 12 2018 11:01:36.310:ERROR [launcher]: ChromeHeadless failed 2 times (timeout). Giving up.
Running the same commands in the same docker image locally (starting a container with the same image same commands), I do not get the same error, and the tests run fine.
After some searches I tried adding other flags besides --no-sandbox. This is my current browser configuration:
customLaunchers: {
  ChromeKarma: {
    base: 'ChromeHeadless',
    // We must disable the Chrome sandbox when running Chrome inside Docker (Chrome's sandbox needs
    // more permissions than Docker allows by default)
    flags: [
      '--disable-web-security',
      '--disable-gpu',
      '--no-sandbox',
      '--remote-debugging-port=9222'
    ]
  }
},
I've also tried adding a sleep to the list of commands in the pipeline, and then connecting to the container and running the tests manually. This does not produce the error, and the tests run fine.
Docker version is: Docker version 17.05.0-ce, build 89658be
I should also mention that while inside the container, I ran a ps ax and saw the chrome processes starting and staying up until karma killed them.
Solved this issue myself. Inside our network we use a proxy for accessing the internet. Turns out that this stops chrome from connecting to the karma web server. I had to unset the proxy to get it to work. Another way to resolve this, without having to remove the proxy, would be adding the following flags to karma:
'--proxy-bypass-list=*',
'--proxy-server=\'http://<my org proxy server>:8080\''

iOS app fails second access to secure server

We have an iOS app that reads information from our secure web server. Everything was working great until my friend moved back to the US. Now his phone only downloads data the first time after the app runs for the first time after installation or after he switches from phone data to wifi. The app works perfectly every time for me and I'm outside the US (as it did for him before he moved to the US). His relatives have reported the same issue.
Both of us have an iPhone 6 running iOS 10.2. I've got the development code but he's not a developer and doesn't have a macbook so I can't debug his phone directly. I've downloaded the app from Test Flight to make sure I've got the same binary.
(FYI: I did fix an issue with an old self-signed certificate being left behind on the server that caused him issues with SSL failures. I have no TLS/networking info.plist entries in the app other than Non-Exempt Encryption = No.)
Our server is hosted in the US and runs Apache 2.4.18 with PHP and has a commercial certificate. I've run various certificate testers and they all say the certificate works perfectly (even before I added Forwarding Secrecy). I've cranked up the Apache logs to "trace6" to see what the SSL is doing but his second attempts to access the server (almost) never logs anything in the site access.log or error.log.
Occasionally he will get this in the Apache site error.log on his second attempts in the app (I've done a little redacting):
[Sun Jan 29 18:27:48.129214 2017] [ssl:info] [pid 6690] [client 70.211.19.XXX:8740] AH01964: Connection to child 8 established (server (redacted).net:443)
[Sun Jan 29 18:27:48.129312 2017] [ssl:trace2] [pid 6690] ssl_engine_rand.c(126): Seeding PRNG with 656 bytes of entropy
[Sun Jan 29 18:27:48.129354 2017] [ssl:trace3] [pid 6690] ssl_engine_kernel.c(1970): [client 70.211.19.XXX:8740] OpenSSL: Handshake: start
[Sun Jan 29 18:27:48.129365 2017] [ssl:trace3] [pid 6690] ssl_engine_kernel.c(1979): [client 70.211.19.XXX:8740] OpenSSL: Loop: before/accept initialization
[Sun Jan 29 18:27:48.129376 2017] [ssl:trace4] [pid 6690] ssl_engine_io.c(2065): [client 70.211.19.XXX:8740] OpenSSL: I/O error, 11 bytes expected to read on BIO#5566ac3b3e20 [mem: 5566ac3ef790]
[Sun Jan 29 18:27:48.129380 2017] [ssl:trace3] [pid 6690] ssl_engine_kernel.c(2008): [client 70.211.19.XXX:8740] OpenSSL: Exit: error in SSLv2/v3 read client hello A
[Sun Jan 29 18:27:48.129385 2017] [ssl:debug] [pid 6690] ssl_engine_io.c(1227): (70014)End of file found: [client 70.211.19.XXX:8740] AH02007: SSL handshake interrupted by system [Hint: Stop button pressed in browser?!]
[Sun Jan 29 18:27:48.129390 2017] [ssl:info] [pid 6690] [client 70.211.19.XXX:8740] AH01998: Connection closed to child 8 with abortive shutdown (server (redacted).net:443)
One concern here is the line with "OpenSSL: Exit: error in SSLv2/v3 read client hello A". TLS 1.2 is on the server, of course, and SSLv3 is disabled - as I believe it should be.
As a test I created a test app to test DNS, HTTP and HTTPS and he gets 404 errors only on the https pages. I can access any page from my phone as often as I like - at exactly the same time he gets 404s. I then get him to access https://www.google.com and it works every time for him. He then tries our server and ... instant 404 and nothing in the server logs.
I repeat - I never have any problems at all. Same phone, same iOS, same binary.
Has anyone come across anything like this before?
EDIT: Updated the scenario and corrected some information that wasn't quite right.
I found my issue and it's a little embarrassing but if this helps someone else then here goes. The 404 was trying to tell me something.
In my country all the ISPs are still running IPv4. My friend moved to the US and everything over there is IPv6. Basically, by accident I hadn't set up Apache to point the IPv6/SSL config to the same "HTML" directory as IPv4/SSL - hence the 404s for him and not for me. However IPv6 on port 80 was configured correctly. I couldn't test IPv6 because it's not available to me.
I figured it out after using wget on the server. I could get a hit on the index.html page but nothing else. I found an extra "html" directory and hence the IPv6 config that pointed to it. There was nothing in the logs because they were the wrong logs (rolls eyes and feels like a noob).
I had tried an IPv6 proxy page but, as it turns out, it's broken. Even after I fixed my site and the app works on IPv6 the proxy site still gives SSL errors. It might be using an outdated protocol that I've banned. Quite the red herring.
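The cause described in this answer, an IPv6 :443 virtual host whose document root and logs differ from the IPv4 one, can be caught by comparing vhosts per address family. This is an added example, not code from the original post: the config, server name, addresses (documentation ranges) and paths are constructed, and it assumes literal `<VirtualHost>` blocks in one text with no Include expansion.

```python
import re
from collections import defaultdict

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.I | re.S)
COMPARE = ("DocumentRoot", "ErrorLog")

def directive(body, name):
    m = re.search(rf'^\s*{name}\s+"?([^"\s]+)', body, re.I | re.M)
    return m.group(1) if m else None

def families(addr):
    """Map one <VirtualHost> address to (address families, port)."""
    host, sep, port = addr.rpartition(":")
    if not sep or addr.endswith("]"):        # address given without a port
        host, port = addr, "*"
    if host in ("*", "_default_"):
        return ("ipv4", "ipv6"), port
    # Assumption: a bare hostname is counted as ipv4.
    return (("ipv6",) if host.startswith("[") else ("ipv4",)), port

def find_mismatches(conf):
    """{(ServerName, port, directive): {family: value}} where families differ."""
    seen = defaultdict(dict)
    for addrs, body in VHOST_RE.findall(conf):
        name = directive(body, "ServerName")
        for addr in addrs.split():
            fams, port = families(addr)
            for d in COMPARE:
                for fam in fams:
                    seen[(name, port, d)][fam] = directive(body, d)
    return {k: v for k, v in seen.items() if len(set(v.values())) > 1}

# Constructed sample: port 80 is consistent, the IPv6 :443 vhost is not.
SAMPLE = """
<VirtualHost 203.0.113.10:80 [2001:db8::10]:80>
    ServerName app.example.net
    DocumentRoot /var/www/app/html
</VirtualHost>
<VirtualHost 203.0.113.10:443>
    ServerName app.example.net
    DocumentRoot /var/www/app/html
    ErrorLog /var/log/apache2/app-error.log
</VirtualHost>
<VirtualHost [2001:db8::10]:443>
    ServerName app.example.net
    DocumentRoot /var/www/html
    ErrorLog /var/log/apache2/error.log
</VirtualHost>
"""
```

Calling `find_mismatches(SAMPLE)` reports the two :443 differences and nothing for port 80; the differing `ErrorLog` is also why the failing requests never showed up in the log being watched.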

Authentication fails when establishing connection between Jenkins master and slave via EC2-plugin

I'm having a problem in setting up ec2-plugin to work when connecting Jenkins master with "on-demand" slave ec2 instance.
This is a log from Jenkins:
INFO: Connecting to <EC2_PUBLIC_DNS> on port 22, with timeout 10000.
Sep 06, 2016 9:54:53 PM null
INFO: Connected via SSH.
Sep 06, 2016 9:54:54 PM null
WARNING: Authentication failed. Trying again...
Sep 06, 2016 9:55:24 PM null
INFO: Authenticating as docker-client
Sep 06, 2016 9:55:25 PM null
INFO: Connecting to <EC2_PUBLIC_DNS> on port 22, with timeout 10000.
Sep 06, 2016 9:55:25 PM null
INFO: Connected via SSH.
Sep 06, 2016 9:55:26 PM null
On the other hand, I'm able to connect from Jenkins master to slave and vice versa via ssh command without any problem.
Any idea what might be the issue?
Thanks in advance,
Bakir
After a long investigation, it turned out that the problem was that my unix user docker-client didn't have the public ssh key (from the keypair) in:
/home/docker-client/.ssh/authorized_keys
but instead it was in
/home/ubuntu/.ssh/authorized_keys
In the ec2-plugin config section in Jenkins, I have the pem key (from the keypair) specified, but I'm also trying to connect to docker-client (not ubuntu).
Even though I had passwordless access between the Jenkins master and the docker-client user, that didn't take precedence and the pem key was used (without success, for the now obvious reason).
Make sure the SSH key you have added in the Jenkins EC2 plugin is the same as what's used for connecting to the master instance.
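The mismatch found in the first answer (the keypair's public key present for ubuntu but not for docker-client) can be checked by comparing key blobs across each account's authorized_keys. This is an added example, not part of the original answers: the key material is constructed and is not a real key, and the public line for a real .pem would come from `ssh-keygen -y -f <key.pem>`.

```python
import base64
import hashlib
import re

KEY_RE = re.compile(r"\b(ssh-(?:rsa|ed25519|dss)|ecdsa-sha2-\S+)\s+([A-Za-z0-9+/]+={0,2})")

def key_blobs(authorized_keys_text):
    """Yield decoded public-key blobs, skipping comments and option prefixes."""
    for line in authorized_keys_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)
        if m:
            yield base64.b64decode(m.group(2))

def fingerprint(blob):
    """SHA256 fingerprint in the form printed by `ssh-keygen -l`."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def accounts_accepting(pubkey_line, files):
    """files maps account name -> authorized_keys content."""
    wanted = next(key_blobs(pubkey_line))
    return sorted(u for u, text in files.items() if wanted in set(key_blobs(text)))

def sample_blob(seed):
    """Constructed ed25519-shaped blob for the demo, not a real key."""
    raw = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + bytes([seed]) * 32
    return base64.b64encode(raw).decode()

# Constructed inputs: the key the plugin presents, and two accounts' files.
JENKINS_PUB = "ssh-ed25519 " + sample_blob(1) + " jenkins-ec2-keypair"
FILES = {
    "ubuntu": "# installed at instance launch\n" + JENKINS_PUB + "\n",
    "docker-client": 'from="10.0.0.5" ssh-ed25519 ' + sample_blob(2) + " jenkins-master\n",
}

if __name__ == "__main__":
    print(fingerprint(next(key_blobs(JENKINS_PUB))))
    print("accepted by:", accounts_accepting(JENKINS_PUB, FILES))
```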

Openshift + Wildfly 8.1 change time zone

I'm running a web application on openshift using Wildfly 8.1 and I would like to change the default timezone of my application to America/Sao_Paulo (GMT-3).
Today there is 3 hours of difference between my computer and the server running the application.
My desire is that my computer and the server shares the same date.
Server: Tue Nov 11 14:42:19 EST 2014
My computer: Tue Nov 11 17:43:47 BRST 2014
While I got the majority of this answer from Jboss with UTC timezone, it still isn't as simple as try this...
To get this working on OpenShift you would need to change how Java is started on your gear by creating a deploy action hook (https://developers.openshift.com/en/getting-started-modifying-applications.html). This allows you to change how your application is deployed (started), so you should be able to append the solution mentioned in the link above to the "start" command that is executed by the cartridge. For JBoss it's https://github.com/Nick-Harvey/origin-server/blob/master/cartridges/openshift-origin-cartridge-jbossas/bin/control
