We have a website, that is working with http, and we are trying to get https to work.
In the iis the certificate is installed and the Bindings are set.
According to the certificate vendor, everything is correct in iis (They have checked)
But when trying to connect from a browser i get "ERR_SSL_PROTOCOL_ERROR"
I did a networktrace on the server and i can see the browser making a SSLHandshake, thats semms OK
But the server answer says
Http: Response, HTTP/1.1
ProtocolVersion: HTTP/1.1
StatusCode: 400, Bad request
Reason: Bad Request
i can altso see in the hex details, Bad Request - Invalid Verb
Anyone have any idea what can be wrong?
Thanx Martin
OK, i did solve it
When adding the new portforwad rule for https i copied the http rule, but missed to change the port on the server side, so all communcation got port translated from 443 to port 80 on the server side
/Martin
Related
I want to block some sites with my proxy by responding with 403. I succeeded with responding in such a way in an HTTP proxy, but when I get the CONNECT method, I respond with:
HTTP/1.1 403 Forbidden
Status: 403 Forbidden
Proxy-agent: smth
Connection: close
But users still get the ERR_TUNNEL_CONNECTION_FAILED. What can I do to provide users with a nice 403 error?
RFC 2817 does not disallow 4xx codes, and the Draft has the section "4. Extensibility" that states that
"The tunneling handshake is freely extensible using the HTTP/1.x headers;"
But it looks like all browsers decided to just ignore almost every non-2xx codes for security reasons.
Here are some bugs reports:
https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/dd565641(v=vs.85)
Internet Explorer 8 has a feature that ensures that the secure connection is made all the way to the target server. If it isn't, then no page is displayed.
https://bugzilla.mozilla.org/show_bug.cgi?id=479880
I realize that I'm way late to the party here, but [...] this fix is terrible for proxy admins (myself included). Our proxy returns a 403 forbidden for filtered SSL content and an error page about why the content is blocked, and Firefox just drops all of it on the floor
https://bugs.chromium.org/p/chromium/issues/detail?id=7338
So that's the way it is.
I have set up SSO using weblogic on windows and Kerberos, It is working fine for the http pages, however I observed a strange behavior on https pages which requires CONFIDENTIAL setting for the transport, It works fine if I first access a page on http which is not configured as secured in web.xml(Transport-Gurantee as None) and then the https page.
But If I try to hit the https url directly which is configured with Transport-Gurantee as CONFIDENTIAL then it shows the Basic Auth Dialog and a 401 Unauthorized response, Looking at the logs I see that the Server responded with the WWW-Authenticate but browser showed the Basic Auth Dialog in response instead of getting the Authorize token.
Does anyone has any idea on what might be issue here, If there is any problem with the browser settings then it would not have worked irrespective of accessing the http url first.
I can see the following error log in weblogic console
Malformed request "Can not parse URI from http request". Request parsing failed, Code: -1
Found one of the link here
SPNEGO on IBM WebSphere Portal 6.1 with https
For my case it is weblogic 12c , I don't think reinstalling 12c is a valid solution for it
Ok I got it fixed , It turns out to be an issue with the browser configuration , the https://myserver.domain.com was not inside the intranet domain and the control to do that rests with the windows Admin team, once they added it , the https urls are also working fine.
I have a problem I'm running an Apache Traffic Server but the problem is that amount and all well but to run a headline like this
GET /index/Page?aspxerrorpath=/aspa.aspx HTTP/1.1
Host: myhost.com
Executing this request to the server returns 404 not found me on accelerator (ATS)
But the strange thing is that there are proxies internet so that sending http request that I return a 200 response request Ok but my server is not.
Did you add a remap rule to your remap.config? It would look something in the line of
map http://myhost.com http://origin-for.myhost.com
I have a local site running ASP.Net MVC 3 over HTTP and HTTPS through IIS Express.
The HTTP url is http://localhost:4000 and the HTTPS is https://localhost:44301.
I'm trying to hook up the Stripe payments API but it really does not like the port, protocol and domain mismatch. I've tried using CORS to tell it to trust stripe.com but it seems that it is due to the port mismatch and I cannot figure out how to tell it to ignore that.
Adding the following header does not product any difference.
Access-Control-Allow-Origin:*
When accessing my payment page via HTTP, I get the following:
Blocked a frame with origin "https://checkout.stripe.com" from
accessing a frame with origin "http://localhost:4000". The frame
requesting access has a protocol of "https", the frame being accessed
has a protocol of "http". Protocols must match.
It gets worse when using SSL as my local SSL port is not 443.
How do I tell CORS to ignore the port mismatch whilst in development?
You can disable same origin policy while in development. Load chrome with the following argument:
--disable-web-security
https://stackoverflow.com/a/6083677/287760
Didn't the error message tell you the problem? Use HTTPs.
I still get this message my live site:
Uncaught SecurityError: Blocked a frame with origin "https://checkout.stripe.com" from accessing a frame with origin "https://getaddress.io". Protocols, domains, and ports must match.
..everything still works so I wouldn't worry about it. There's not much you can do about the domains being different.
Hi i am using MSXML2.ServerXMLHTTP40 to get and post request to a url.When i post to http site it works fine but when i post to https site it throws me an error stating the operation timed out.I am not able to get the response.Kindly help me out.Thanks in advance
I Found the solution I have to set the ..setproxy and setproxycredentials along and also i need to get the session id .When i used all the three it worked fine.
By default HTTP will use port 80 but HTTPS uses port 443. Is it possible that you've got a firewall blocking port 443?
I'd suggest trying to connect to both sites from a webbrowser to make sure it all works.