How to deploy a jhipster production website to https? - spring-boot

Please could someone provide clear and working instructions to deploy a jhipster site (created with the most up-to-date version) to a server with the most recent LTS ubuntu.
Please note that I have read the documents https://www.jhipster.tech/production/ and https://www.jhipster.tech/production/#security.
I can change the server port to 443 application-prod.yml, but then I get an undertow error (my understanding is that on a linux server to use the port 443 from an application I would have to use sudo to run the application - I don't want/see why I would do that). I have tried port forwarding (Can zuul be configured to listening to port 80, I'm ok with using sudo for this)
sudo iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j REDIRECT --to-ports 8080
but this does not achieve the desired result.
I can access the website through https://111.1.1.1:8080 (not the real ip address), https://mywebsitename.com:8080 (but get self certification issues in the browser [firefox]). I have tried to create an external certificate using the jhipster instructions, but with no success. The jhipster site has 404's or the recommendations given to achieve this have no installation candidate.
How can I set up my jhipster application/server to get the address of the site to be https://mywebsitename.com without errors? Are there any working, up-to-date guides/tutorials I can follow?
edit 1:
Changing the port number to 443 in application-prod.yml gives the error when trying to run:
2020-10-14 16:10:38.151 ERROR 9574 --- [ main] o.s.boot.SpringApplication : Application run failed
org.springframework.boot.web.server.WebServerException: Unable to start embedded Undertow
at org.springframework.boot.web.embedded.undertow.UndertowServletWebServer.start(UndertowServletWebServer.java:155)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.startWebServer(ServletWebServerApplicationContext.java:297)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.finishRefresh(ServletWebServerApplicationContext.java:163)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:553)
at org.springframework.boot.web.servlet.context.ServletWebServerApplicationContext.refresh(ServletWebServerApplicationContext.java:141)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:747)
at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:397)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
at com.mywebsitename.MywebsitenameApp.main(MywebsitenameApp.java:63)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:48)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:87)
at org.springframework.boot.loader.Launcher.launch(Launcher.java:51)
at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:52) Caused by: java.lang.RuntimeException: java.net.SocketException: Permission denied
at io.undertow.Undertow.start(Undertow.java:247)
at org.springframework.boot.web.embedded.undertow.UndertowServletWebServer.start(UndertowServletWebServer.java:141)
... 16 common frames omitted Caused by: java.net.SocketException: Permission denied
at java.base/sun.nio.ch.Net.bind0(Native Method)
at java.base/sun.nio.ch.Net.bind(Net.java:455)
at java.base/sun.nio.ch.Net.bind(Net.java:447)
at java.base/sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:227)
at java.base/sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:80)
at org.xnio.nio.NioXnioWorker.createTcpConnectionServer(NioXnioWorker.java:190)
at org.xnio.XnioWorker.createStreamConnectionServer(XnioWorker.java:243)
at io.undertow.protocols.ssl.UndertowXnioSsl.createSslConnectionServer(UndertowXnioSsl.java:411)
at io.undertow.Undertow.start(Undertow.java:232)
... 17 common frames omitted
This is without and with including provided for undertow in pom.xml, as detailed in https://www.jhipster.tech/production/ section Building an executable JAR / WAR file
I do not care about zuul, and only referenced the stackoverflow page above to give an example of trying to pass through port 8080 to 443 on a system level. The example was using iptables, but this did not work.
On the page https://www.jhipster.tech/production/#security, generation of a certificate was given by using keytool,
me#mycomp:~mywebsitename$ sudo apt install keytool
[sudo] password for me:
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package keytool
This is on an up to date kubuntu 20.04 system.
On the page https://www.jhipster.tech/production/#security it is mentioned that there is tutorial to use Let's Encrypt, https://maximilian-boehm.com/hp2121/Create-a-Java-Keystore-JKS-from-Let-s-Encrypt-Certificates.htm, this returns a 404.
Further down the page, it is suggested that it is possible to use the Apache HTTP server,
me#comp:~/mywebsitename$ sudo apt-get install -y apache2 python-certbot-apache
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package python-certbot-apache is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
python3-certbot-apache
E: Package 'python-certbot-apache' has no installation candidate
I'll add more details later. Anyone know of any working guides out there?

Related

Jmeter RTE Plugin Connection timed out: connect

I'm trying to use Jmeter RTE Plugin to make mainframe tests.
Using a pconn or wc3270, it`s connects good but trying to record or using an existent JMX file, i'm getting a connection exception.
There is any other configuration that I need to do?
com.blazemeter.jmeter.rte.core.exceptions.RteIOException: Communication error wit server: 192.168.2.2
at com.blazemeter.jmeter.rte.core.listener.ExceptionHandler.throwAnyPendingError(ExceptionHandler.java:41)
at com.blazemeter.jmeter.rte.protocols.tn3270.Tn3270Client.connect(Tn3270Client.java:159)
at com.blazemeter.jmeter.rte.sampler.RTESampler.buildClient(RTESampler.java:617)
at com.blazemeter.jmeter.rte.sampler.RTESampler.sample(RTESampler.java:516)
at org.apache.jmeter.threads.JMeterThread.doSampling(JMeterThread.java:638)
at org.apache.jmeter.threads.JMeterThread.executeSamplePackage(JMeterThread.java:558)
at org.apache.jmeter.threads.JMeterThread.processSampler(JMeterThread.java:489)
at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:256)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.net.ConnectException: Connection timed out: connect
at java.base/java.net.PlainSocketImpl.waitForConnect(Native Method)
at java.base/java.net.PlainSocketImpl.socketConnect(PlainSocketImpl.java:107)
at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:412)
at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:255)
at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:237)
at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.base/java.net.Socket.connect(Socket.java:608)
at com.bytezone.dm3270.streams.TerminalServer.run(TerminalServer.java:48)
... 1 more
I already tried; reinstall jmeter, java, get a jmeter working installation and script but nothing fixed that issue.
Configs of wc3270 and rte plugin
Unfortunately we're not able to help without seeing your wc3270 and RTE Config (or RTE Recorder) configuration details.
The exception means that JMeter cannot connect to the host 192.168.2.2 on the given port so I would recommend double checking that you can reach that host using telnet or equivalent.
You can also enable debug logging and see whether jmeter.log file contains any clues.
And finally you can check out Testing Mainframe Environments Using Open Source Tools and cross check it with your setup, maybe you're missing something obvious.
Coming back on this thread to share the solution and add an information.
My jmeter test it`s connecting through VPN connection and the problem it was Java trying to use IPv4 over IPv6 for IPv4 connections.
resolution: setx _JAVA_OPTIONS -Djava.net.preferIPv4Stack=true

Jenkins - slave mac - unable to connect

I have a Jenkins build server (v2.77) installed on a windows server 2016 and I'd like to add a mac as a slave node. I set the node to run via "Java Web Start". On the mac side I downloaded the slave-agent.jnlp file from jenkins, but it doesn't connects to the server.
This is the exception:
java.io.IOException: Failed to connect to 37.210.56.16:49693
at org.jenkinsci.remoting.engine.JnlpAgentEndpoint.open(JnlpAgentEndpoint.java:243)
at hudson.remoting.Engine.connect(Engine.java:660)
at hudson.remoting.Engine.innerRun(Engine.java:524)
at hudson.remoting.Engine.run(Engine.java:447)
Caused by: java.net.ConnectException: Operation timed out
at java.base/sun.nio.ch.Net.connect0(Native Method)
...
I tried to turn off the windows firewall, to change the TCP port for JNLP agents option in jenkins to fixed/random, but they didn't connected.
Any ideas?
Thanks for help
Finally I found the solution. I rent the server from the google, and in the google cloud console I had to define for this VM instance a firewall rule to accept a specific port number for this JNLP agent connection. Now it's working well.

tor not working with sqlmap

root#kali:~# sqlmap --tor --tor-type=SOCKS5 -u http://www.target.com/abc.php?cat=50
sqlmap/1.0-dev - automatic SQL injection and database takeover tool
http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 14:18:00
[14:18:00] [WARNING] increasing default value for option '--time-sec' to 10 because switch '--tor' was provided
[14:18:00] [INFO] setting Tor SOCKS proxy settings
[14:18:00] [INFO] testing connection to the target URL
[14:18:00] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request
[14:18:00] [WARNING] please make sure that you have Tor installed and running so you could successfully use switch '--tor' (e.g. 'https://help.ubuntu.com/community/Tor')
[14:18:01] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request
[14:18:02] [CRITICAL] unable to connect to the target URL or proxy. sqlmap is going to retry the request
[14:18:03] [CRITICAL] unable to connect to the target URL or proxy
[*] shutting down at 14:18:03
how to fix this ???
You have to install tor apt-get install tor and then run tor in a terminal, after that you can do sqlmap --tor --tor-type socks5 --tor-port=9050 --check-tor -u http://www.target.com/abc.php?cat=50 to execute with tor.
I had a very similar issue the way that I solved it was to use proxychains and edit the proxychains conf file to route requests through tor. It is easy enough to do
I do not have kali open but you can find the file by opening the terminal and typing
locate proxychains.conf

Problems recording http requests in Jmeter

I'm trying to record my use of a web application, so that I can replicate it for the purpose of load tests. I've never used JMeter before, so I wanted to start with a simple example.
I follow this tutorial: http://jmeter.apache.org/usermanual/jmeter_proxy_step_by_step.pdf and when I get to step 23 (navigating to a webpage), the page gives me back an error:
org.apache.http.conn.HttpHostConnectException: Connection to http://jmeter.apache.org refused at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:190) at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805) at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:481) at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:298) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1105) at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:236) Caused by: java.net.ConnectException: Connection timed out: connect at java.net.DualStackPlainSocketImpl.connect0(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:69) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:157) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391) at java.net.Socket.connect(Socket.java:579) at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:127) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180) ... 10 more
Has anyone seen this problem before? Have I made a mistake in the proxy-config?
At "step 18. Address – enter “localhost” or the IP address of your system"
I entered localhost, even though the web app I'm recording (http://jmeter.apache.org/index.html) isn't deployed locally. Is that a mistake?
Can anyone give me more insight?
No this is not a mistake. Enter localhost as your proxy.
Also make sure your Testscript recorder is actually on and recording.
Follow The steps mentioned below:
Open Commandline.
Goto the location where the JMeter files are coppied.
Run the following command: jmeter -H proxyname -P 8080 -u username -a password -N localhost (username, password, localhost are optional).
This opens JMeter in UI mode.
Now, follow usual steps to record the application.
Bear in mind that, as it says in the user manual:
Parameters provided on a command-line may be visible to other users on the system.

TCP Channel initialization failed error when starting Websphere Application Server

I'm encountering an error when I tried to run my websphere application server.
TCP Channel TCPInboundChannel_ipcc.Default_IPC_Connector_Name initialization failed. The socket bind failed for host localhost and port 9633. The port may already be in use.
Below is the stack trace of the error:
[9/13/10 15:35:12:942 SGT] 00000000 JMXSoapAdapte A ADMC0013I: The SOAP connector is available at port 8880
[9/13/10 15:35:12:967 SGT] 00000000 TCPPort E TCPC0003E: TCP Channel TCPInboundChannel_ipcc.Default_IPC_Connector_Name initialization failed. The socket bind failed for host localhost and port 9633. The port may already be in use.
[9/13/10 15:35:12:992 SGT] 00000000 IPCConnectorS E ADMC0072E: Failed to initialize or start channel chain IPCCInboundChain.Default_IPC_Connector_Name/LC_IPCCInboundChain.Default_IPC_Connector_Name due to exception com.ibm.wsspi.channel.framework.exception.ChainGroupException:
Error initializing chain IPCCInboundChain.Default_IPC_Connector_Name in group IPCCInboundGroup.Default_IPC_Connector_Name, exception=com.ibm.wsspi.channel.framework.exception.RetryableChannelException: Cannot assign requested address: bind
at com.ibm.ws.channel.framework.impl.ChannelFrameworkImpl.initChainGroup(ChannelFrameworkImpl.java:3667)
at com.ibm.ws.runtime.component.ChannelFrameworkServiceImpl.initChainGroup(ChannelFrameworkServiceImpl.java:772)
at com.ibm.ws.management.connector.ipc.IPCConnectorServer.start(IPCConnectorServer.java:330)
at com.ibm.ws.management.component.JMXConnectors.startIPCConnector(JMXConnectors.java:970)
at com.ibm.ws.management.component.JMXConnectors.stateChanged(JMXConnectors.java:2211)
at com.ibm.ws.security.core.distSecurityComponentImpl.fireEvent(distSecurityComponentImpl.java:2181)
at com.ibm.ws.security.core.distSecurityComponentImpl.fireStartedEvent(distSecurityComponentImpl.java:2143)
at com.ibm.ws.security.core.distSecurityComponentImpl.startSecurity(distSecurityComponentImpl.java:642)
at com.ibm.ws.security.core.SecurityComponentImpl.startSecurity(SecurityComponentImpl.java:109)
at com.ibm.ws.security.core.ServerSecurityComponentImpl.start(ServerSecurityComponentImpl.java:338)
at com.ibm.ws.runtime.component.ContainerHelper.startComponents(ContainerHelper.java:538)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:627)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:618)
at com.ibm.ws.runtime.component.ApplicationServerImpl.start(ApplicationServerImpl.java:227)
at com.ibm.ws.runtime.component.ContainerHelper.startComponents(ContainerHelper.java:538)
at com.ibm.ws.runtime.component.ContainerImpl.startComponents(ContainerImpl.java:627)
at com.ibm.ws.runtime.component.ContainerImpl.start(ContainerImpl.java:618)
at com.ibm.ws.runtime.component.ServerImpl.start(ServerImpl.java:503)
at com.ibm.ws.runtime.WsServerImpl.bootServerContainer(WsServerImpl.java:298)
at com.ibm.ws.runtime.WsServerImpl.start(WsServerImpl.java:214)
at com.ibm.ws.runtime.WsServerImpl.main(WsServerImpl.java:666)
at com.ibm.ws.runtime.WsServer.main(WsServer.java:59)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:48)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:600)
at com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:213)
at com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:93)
at com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:74)
at org.eclipse.core.internal.runtime.PlatformActivator$1.run(PlatformActivator.java:78)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:92)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:68)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:400)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:177)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:48)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:37)
at java.lang.reflect.Method.invoke(Method.java:600)
at org.eclipse.core.launcher.Main.invokeFramework(Main.java:340)
at org.eclipse.core.launcher.Main.basicRun(Main.java:282)
at org.eclipse.core.launcher.Main.run(Main.java:981)
at com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLauncher.java:340)
at com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:110)
It logs "Server server1 open for e-business" at the end but then I cannot access my application and even the admin console. I checked port 9633 if it is in use through
netstat but it isn't. I also tried to change the port to 21633 but it still gives me the same error. The weird thing about this is I have no problems in running my server (and running my application on that server) last week but when I tried to do so yesterday, this error suddenly shows. I already restarted my WAS and even shut down my pc several times but to no avail. Websphere is not running as a Windows service and I'm trying to run it from eclipse. However, even if I tried running it as a service, I still get the same error. I haven't changed any configuration at all so I'm wondering what might be causing this.
My environment: Windows 7, Websphere Application Server 7.0.0.9
Anyone familiar with this problem? Any help is appreciated! Thanks!
Make sure your host name on the IPC_CONNECTOR_ADDRESS port definition for the server says localhost and not the server name.
I received this error, repeatedly, for (seemingly) every port that WAS binds, even though nobody was listening on them prior to WAS startup.
This thread led me to a solution: apparently there was some issue around the IPv6 stack. Since I don't care about IPv6 for my use, I was able to tell the JVM to prefer IPv4 by setting the following in the setupCmdLine.{bat,sh} script in my profile's bin directory.
set IBM_JAVA_OPTIONS=-Djava.net.preferIPv4Stack=true
(Change syntax as appropriate for your environment, of course.)
This was on Windows 8/WAS 8.5 (developer's edition).
You mention that you cannot access your application and the admin console. The admin console is typically bound to WC_adminhost and WC_adminhost_secured ports. You can find those under the WAS_HOME/profiles/profile_name/properties/portdef.props file. If you've customized any ports, make sure that you haven't created a conflict between any of them.
Is there any reason that you cannot access your application through any of the other standard ports? IPC is only important for high-speed communication between local instances. Most web application access can be done through the WC_defaulthost and WC_defaulthost_secure ports.
This is due to incorrect IP resolution for "localhost". Please ping localhost and ensure the response is from 127.0.0.1 (loopback) or the actual host IP itself. If not, fix it and it will resolve your issue
I've got the same issue using websphere v6.1 on Windows 7, using RAD 8.0.4
[18/09/13 09:15:01:036 EST] 00000022 TCPPort E TCPC0003E: TCP Channel TCP_1 initialization failed. The socket bind failed for host * and port 9060. The port may already be in use.
[18/09/13 09:15:02:038 EST] 00000020 TCPPort E TCPC0003E: TCP Channel TCP_2 initialization failed. The socket bind failed for host * and port 80. The port may already be in use.
[18/09/13 09:15:03:111 EST] 00000022 TCPPort E TCPC0003E: TCP Channel TCP_1 initialization failed. The socket bind failed for host * and port 9060. The port may already be in use.
[18/09/13 09:15:04:112 EST] 00000020 TCPPort E TCPC0003E: TCP Channel TCP_2 initialization failed. The socket bind failed for host * and port 80. The port may already be in use.
Here's what I did:
Verified no ports are listening on 80 or 9060 by opening a command terminal and running 'netstat -a'. If that's the case, terminate the application using it, or if you can't, try doing a restart. Otherwise, proceed to step 2.
Follow the instructions here: "http://www-01.ibm.com/support/docview.wss?uid=swg21628479".
Just a note with this is the location of "setupCmdLine.bat" file. The way my websphere is installed, it has multiple 'bin/setupCmdLine.bat' files. Folders containing this file includes, "IBM/SDP/runtimes/base_v61/bin"; "IBM/SDP/runtimes/base_v61/profiles/was61profile1"; "IBM/WebSphere/AppServer/bin"; "IBM/WebSphere/AppServer/profiles/AppSrv1/bin". And this made it tonnes confusing, because if you apply the solution to the wrong file, it won't take affect.
To find the right folder to update "setupCmdLine.bat", I went into RAD -> Servers Tab -> Right clicked on the Websphere server -> Properties -> WebSphere Application Server v6.1 menu item. And on the right side, there's the "Profile directory".
For me this pointed to '.../IBM/SDP/runtimes/base_v61/profiles/was61profile1'

Resources