Installed postman from Chrome.
Getting error related to ssl certificate when posting https request.
Looks postman could not have SSL handshake with server, although server is working fine.
2021 Update:
For those interested to configure properly your certificates within Postman, please follow the below tutorials:
Postman: Working with certificates
How to Troubleshoot SSL Certificate & Server Connection Issues
Old solution, only disabling the SSL verification.
For anyone having this trouble.
Self-signed SSL certificates are being blocked:
Fix this by turning off 'SSL certificate verification' in Settings > General
So, just try to disable the SSL certificates in the Postman Settings.
After that, Postman was able to normally make POST requests through HTTPS.
Source: Postman help.
Open chrome and directly posting the https url for the post request, then reopen postman it works. Chrome browser did the SSL handshake and past the info to postman so postman can continue with https request.
Related
I'm currently trying to make an AJAX request in a crappy dev environment. My current app is on HTTP and is making an AJAX request to an HTTPS endpoint with a broken certificate. Is there any way I can get my IE11 to stop rejecting the request?
Found a solution for fixing the messed up SSL cert situation here: https://medium.com/#ali.dev/how-to-trust-any-self-signed-ssl-certificate-in-ie11-and-edge-fa7b416cac68
I have set up SSO using weblogic on windows and Kerberos, It is working fine for the http pages, however I observed a strange behavior on https pages which requires CONFIDENTIAL setting for the transport, It works fine if I first access a page on http which is not configured as secured in web.xml(Transport-Gurantee as None) and then the https page.
But If I try to hit the https url directly which is configured with Transport-Gurantee as CONFIDENTIAL then it shows the Basic Auth Dialog and a 401 Unauthorized response, Looking at the logs I see that the Server responded with the WWW-Authenticate but browser showed the Basic Auth Dialog in response instead of getting the Authorize token.
Does anyone has any idea on what might be issue here, If there is any problem with the browser settings then it would not have worked irrespective of accessing the http url first.
I can see the following error log in weblogic console
Malformed request "Can not parse URI from http request". Request parsing failed, Code: -1
Found one of the link here
SPNEGO on IBM WebSphere Portal 6.1 with https
For my case it is weblogic 12c , I don't think reinstalling 12c is a valid solution for it
Ok I got it fixed , It turns out to be an issue with the browser configuration , the https://myserver.domain.com was not inside the intranet domain and the control to do that rests with the windows Admin team, once they added it , the https urls are also working fine.
I keep getting 401 Forbidden response testing our IIS based WebAPI calls using my Windows credentials in Postman version 6.0.10. Is there a workaround for this in Postman without using a hack like running Fiddler as a proxy in the background?
Maybe try without the ssl certificate.
https://www.getpostman.com/docs/v6/postman/launching_postman/settings
I have a website hosted on domain-a.com, which we are about to install an SSL certificate on. The certificate is issued by a CA so it will be trusted by browsers.
After pageload on domain-a.com, an ajax call is made to domain-b.com using CORS to retrieve some additional information to display on the page.
I have two questions:
Do I also need to install an SSL certificate on domain-b.com? What will happen in the users browser if I don't?
If I do install an SSL certificate on domain-b.com, but I use a self-signed certificate as opposed to one issued by a CA, will that work, or will there be warnings/errors thrown by the user's browser?
I set up some test pages to see how this behaved, and it looks like you do need to install SSL on domain-b.com. Most browsers I tested blocked the nonsecure content. Others gave a warning. The same things happened if domain-b.com had a self-signed certificate. The connection was still blocked.
The simplest and cheapest solution I found was to install a free SSL certificate from StartSSL on domain-b.com. This CA seems to be recognized by the browsers I tested on so the connection to domain-b.com works fine. If anyone sees any issues with this that I'm not thinking of, please let me know.
Is it possible to use HTTP caching for conditional GET requests over a secure HTTPS connection? I've got caching working over non-secure HTTP, but when I switch to HTTPS the browser stops sending if-none-match and if-modified-since headers, so the caching breaks. I've tried various Cache-Control settings like public, max-age=3600 and whatnot, no dice.
This happens in both Safari and Chrome, so I'm assuming the SSL is breaking it somehow. Is caching not allowed over SSL?
And just to be clear, the server is indeed properly setting the etag and last-modified headers, but the browser is not sending if-none-match and if-modified-since in the request, according to the Chrome developer tools.
Thanks for your help.
Figured it out! Turns out you have to have a trusted certificate. I was using my self-signed test certificate for SSL HTTPS. Adding it to my keychain and turning it green made the caching work.