I'm newbie with Spring Boot.
I'm trying to make a https call to a service, I have a Privake key to secure connection.
I hit:
http://localhost:8081/points/12345/search
I tried with https:// but I get from Postman:
Could not get any response
There was an error connecting to https://localhost:8081/points/12345/search.
From the moment I wrote
server.ssl.key-store=classpath:KeyStore.jks
server.ssl.key-store-password=test
in application.properties, I get the error message:
Bad Request - This combination of host and port requires TLS
I have deleted all my code in my controller, I just let the endpoint so that I can invoke it.
#RestController
#SpringBootApplication
public class MainApplication {
#RequestMapping(value = "/points/{point}/search", method = RequestMethod.GET)
public PointsType getPoint(#PathVariable(value = "point") String point) {
System.out.println("hi"); // Never printed
return null;
}
public static void main(String[] args) {
SpringApplication.run(MainApplication.class, args);
}
}
Here is the file application.properties:
spring.application.name=sge
server.port=8081
server.ssl.key-store=classpath:KeyStore.jks
server.ssl.key-store-password=test
server.ssl.key-alias=homologation-staging
server.ssl.trust-store=classpath:TrustStore.jks
server.ssl.trust-store-password=test
server.ssl.client-auth=need
security.require-ssl=true
server.tomcat.remote_ip_header=x-forwarded-for
server.tomcat.protocol_header=x-forwarded-proto
What should I do ?
I used https:// at the beginning instead of http://, it worked for me.
I got this message because I was using wrong certificate.
I misunderstood Client certificate and Server certificate.
In my case, I installed my certificate on the server, for my domain, but what I needed to do instead is to use it to make the request, as a client certificate.
you can check it how to do it here.
Client Certificate Authentication with Spring Boot
So this message is basically saying: "Hey, your SSL request is not OK", I can't find the cert file, or your cert file is not the good one, as #SerdarAtalay says, it can also significate that you didn't use https:// prefix, etc.
Hope it helps!
I had this issue myself and searched for days for an answer. Most responses talk about using https instead of http but that wasn't required for my testing on localhost. I got my much needed resolution from Shubham's options, which was to set server.ssl.enabled in application.properties file to false.
We can fix this by either of below listed solutions.
Use HTTPS instead of HTTP
Disable TLS encryption from POSTMAN setting and use HTTP
Check application properties server.ssl.enabled= true- HTTPS , false-HTTP
Add correct authorization credential like username and password in POSTMAN
enter image description here
[1]: https://i.stack.imgur.com/vGOj9.pngenter image description here
Error:
Bad Request This combination of host and port requires TLS.
If you are using apache Load balancer to connect your App node.
Please check application.conf file under /etc/httpd/conf.d/ and add below entry if not added.
SSLProtocol ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Restart httpd service and check.
I had this issue when working on a Java Project in Debian 10 with Tomcat as the application server.
The issue was that the application already had https defined as it's default protocol while I was using http to call the application in the browser.
I however tried using the https protocol in the browser but it didn't connect throwing the error:
Secure Connection Failed
An error occurred during a connection to 34.72.188.50:8009. SSL received a record that exceeded the maximum permissible length.
Error code: SSL_ERROR_RX_RECORD_TOO_LONG
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Here's how I solved it:
I first had to create a keystore file for the application, more like a self-signed certificate for the https protocol:
sudo keytool -genkey -keyalg RSA -alias tomcat -keystore /usr/share/tomcat.keystore
Note: You need to have Java installed on the server to be able to do this. Java can be installed using sudo apt install default-jdk.
Next, I added a https Tomcat server connector for the application in the Tomcat server configuration file (/opt/tomcat/conf/server.xml):
sudo nano /opt/tomcat/conf/server.xml
Add the following to the configuration of the application. Notice that the keystore file location and password are specified. Also a port for the https protocol is defined, which is different from the port for the http protocol:
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443" maxThreads="200" scheme="https"
secure="true" SSLEnabled="true"
keystoreFile="/usr/share/tomcat.keystore"
keystorePass="my-password"
clientAuth="false" sslProtocol="TLS"
URIEncoding="UTF-8"
compression="force"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"/>
So the full server configuration for the application looked liked this in the Tomcat server configuration file (/opt/tomcat/conf/server.xml):
<Service name="my-application">
<Connector protocol="org.apache.coyote.http11.Http11Protocol"
port="8443" maxThreads="200" scheme="https"
secure="true" SSLEnabled="true"
keystoreFile="/usr/share/tomcat.keystore"
keystorePass="my-password"
clientAuth="false" sslProtocol="TLS"
URIEncoding="UTF-8"
compression="force"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"/>
<Connector port="8009" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Engine name="my-application" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
This time when I tried accessing the application from the browser using:
https://my-server-ip-address:https-port
In my case it was:
https:35.123.45.6:8443
it worked fine. Although, I had to accept a warning which added a security exception for the website, since the certificate used is a self-signed one.
That's all.
I hope this helps
Im using this in my web.config in my VS2019 project with IIS express on windows 10.
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
But I get this error
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
I looked at the internet to try different things, but none seem to work.
https://digitaldrummerj.me/iis-express-windows-authentication/
https://mpituley.wordpress.com/2016/10/04/http-error-500-19-in-the-iis-express/
Config Error: This configuration section cannot be used at this path
Config Error: This configuration section cannot be used at this path
Config Error: This configuration section cannot be used at this path
IIS Config Error - This configuration section cannot be used at this path
I've modified the files
C:\Users\me\Documents\project\.vs\config\applicationhost.config
C:\Users\me\Documents\IISExpress\config\applicationhost.config
I'm not sure what else to try.
Does anyone know?
Figured it out, there was another file I had to edit
C:\Users\me\Documents\project\.vs\project\config\applicationhost.config
I an trying to shorten an URL like this:
www.mystore.com/webapp/wcs/stores/servlet/CategoryDisplay?langId=-1& storeId=10001&catalogId=10001&categoryId=10006
...to this:
www.mystore.com/CategoryDisplay?langId=-1&storeId=10001&catalogId=10001& categoryId=10006
Using the examples from IBM I can easily get rid of most of the URL simply by doing this in the Apache configuration:
RewriteRule ^shop/(.*) /webapp/wcs/stores/servlet/$1
And then adding this to the wc-server.xml file:
<context-root-rewrite value=“/shop” />
Is it possible to get rid of the /shop/ prefix entirely? It seems that nothing in Apache (aka IIS) prevents this, but will Websphere Commerce choke on it?
Just put
httpd.conf:
RewriteRule ^/(?!wcsstore)(.*) /webapp/wcs/stores/servlet/$1 [PT,L]
wc-server.xml:
<SEOConfiguration defaultUrl=""
dynamicUrl="true"
enable="true">
<context-root-rewrite value="/" />
</SEOConfiguration>
Restart the server1 and http server.
Answer: Because in this case we are just rerouting the requests for the servlet. If there's any other content there will be confusion. We are basically moving a sub-branch to be a sub-branch of the root, but there are other sub-branches.
I am following the Hello Web Service tutorial on ServiceStack.net. I get the message below when trying to access the service:
Failed to load httpHandler type `ServiceStack.WebHost.Endpoints.ServiceStackHttpHandlerFactory, ServiceStack'
I am using xsp which I started in my working directory for the project with the default values (i.e.: port 8080). I edited the web.config in this directory as documented in the tutorial.
How does the service find the http handler? Using xsp on port 8080 will I be able to open the metadata page?
The web.config which is in the same directory as the app contains:
<configuration>
<!-- Required for MONO -->
<system.web>
<httpHandlers>
<add path="servicestack*" type="ServiceStack.WebHost.Endpoints.ServiceStackHttpHandlerFactory, ServiceStack" verb="*"/>
</httpHandlers>
</system.web>
<!-- Required for IIS7 -->
<system.webServer>
<!-- ServiceStack: Required -->
<validation validateIntegratedModeConfiguration="false"/>
</system.webServer>
</configuration>
As mentioned I'm working with Mono and xsp. I now realize that in my working directory, MonoDevelop not only created web.config but also a bin directory which contains all of the dlls that I created and referenced in my project.
Setting xsp root directory to the path containing the web.config and ./bin enabled the http handler to be found and allowed me to finally access my web service and
http://localhost:8080/ServiceStack/metadata
In this scenario I did not need my dlls to be in /bin but in the project's bin
I had also overlooked the call to HelloAppHost().Init()
Bit of a learning curve... but I'm looking forward to using ServiceStack.
Thank you #mythz and #Mr.Young
I think your configuration might be incorrect. You might have mixed up the configuration with the configuration for using ServiceStack with an existing web framework.
The basic configuration for hosting ServiceStack at the root (/) path without any other web frameworks is
<system.web>
<httpHandlers>
<add path="*" type="ServiceStack.WebHost.Endpoints.ServiceStackHttpHandlerFactory, ServiceStack" verb="*"/>
</httpHandlers>
</system.web>
Remove the servicestack* from the path and the IIS specific stuff. It's possible your running into the VERY uncool bug in Mono ASP.NET implementation of virtual paths, details here: https://groups.google.com/d/msg/servicestack/kzfS88RldIU/LsJ2jV9M2LIJ
If I add settings to my app's web.config file, is there an API to read the settings from my app or do I have to read the file using an XML library?
There is no special API that allows you read web.config into your node.js application running in iisnode. Having said that:
all key/value pairs from the appSettings section in web.config will be promoted to environment variables of the node.exe process, so you can access them using process.env,
as of iisnode v0.1.19, in addition to web.config, configuration settings can be specified in a iisnode.yml file; see http://tomasz.janczuk.org/2012/05/yaml-configuration-support-in-iisnode.html for details.
This example shows how promoted key/value pairs from the appSettings section in web.config are available as environment variables. In your web.config file:
<configuration>
<appSettings>
<add key="abc" value="test" />
</appSettings>
</configuration>
In your node application: console.log(process.env.abc); //--> test