I am using MobileFirst 6.3 ontop of WAS Liberty 8.5.5.4.
I am able to access the console via HTTP, but fail to do so via HTTPS.
With HTTP:
With HTTPS:
This is the server.xml: server.xml
And the messages.log: messages.log
You must install from IBM fix central the last 6.3 ifix that includes :
http://www-01.ibm.com/support/docview.wss?uid=swg1PI30521
http://www-01.ibm.com/support/docview.wss?uid=swg1PI31900
Related
as the title says I'm facing the error:
WebSocket connection failure. Due to security constraints in your web
browser, the reason for the failure is not available to this Neo4j
Driver…​
My neo4j DB is running on a Ubuntu Linux machine:
Unbungu 20.04.04 LTS, Release 20.04
Neo4j Community Edition, Version 4.4.8
I can connect to the db via:
http://localhost:7474/browser/
but not under
https://localhost:7473/browser/ or bolt+s://localhost:7687
I already tried multiple "solutions" but none of them work.
Here is what I changed in my config.
dbms.default_listen_address=0.0.0.0
dbms.connectors.default_list_address=0.0.0.0
dbms.connector.bolt.enabled=true
dbms.connector.bolt.address=0.0.0.0:7687
dbms.connector.https.enabled=true
dbms.connector.https.listen_address=0.0.0.0:7473
I also generated SSL certificates:
Bolt SSL configuration
dbms.ssl.policy.bolt.enabled=true
dbms.ssl.policy.bolt.base_directory=certificates/bolt
dbms.ssl.policy.bolt.private_key=private.key
dbms.ssl.policy.bolt.public_certificate=public.crt
dbms.ssl.policy.bolt.client_auth=NONE
Https SSL configuration
dbms.ssl.policy.https.enabled=true
dbms.ssl.policy.https.base_directory=certificates/https
dbms.ssl.policy.https.private_key=private.key
dbms.ssl.policy.https.public_certificate=public.crt
dbms.ssl.policy.https.client_auth=NONE
Any ideas?
*Edit: Typo
I am using Ruby 2.3 and Rails 4.2. gem mysql 0.5.3 is installed. When I am trying to deploy the application to Azure Database for MySQL (restriction TLS1.2) and got the error "SSL verification failed" after configuration of database.yml. Then, I just tried to do single connection in command line with the guide https://learn.microsoft.com/en-us/azure/mysql/connect-ruby. The error is:
$ ruby createtable.rb
..........start to connect to database.
TLS version used does not meet minimal requirements for this server. Please use a higher TLS version and retry.
Done.
How do I fix this issue?
By the way, I installed MySQL Community Server 8.0.22 on Azure VM, which is for web server. Connecting to remove MySQL server using Workbench with SSL is working.
Thanks for your help!
Use this to setup the right SSL/TLS to your environment.
When I run any maven command with specified http and https proxy address and port as below:
mvn <command> -Dhttps.proxyHost=<MY.PROXY.HOST.ADDRESS> -Dhttps.proxyPort=<MY_PROXY_PORT> -Dhttp.proxyHost...
It's running without any error.
I want to set those configurations as default for my STS network connections and select the manual Active Provider (see attached screenshot for my configurations),
I think it's not related to the STS versions because I faced the same problem with 3.8 and 4.6 version. Anyway, Here is my STS version
Now, when I try the same maven command without proxy and port arguments, the maven command fails due to a network connection error.
[ERROR] unable to read java.net.ConnectException: Connection timed out
I was hoping someone could help.
I am trying to sftp to a remote server that is behind a firewall. I have a proxy setup and can sftp via the unix terminal succesfully. However when using mulesofts SFTP connector I get a timeout. From research it looks like this is because it is run on the JVM.
Mule comes with wrapper.conf to update any jvm settings so I have set the following settings:
wrapper.java.additional.15=-DsocksProxyHost:hostname
wrapper.java.additional.16=-DsocksProxyPort=1080
When I do this the Mule service no longer runs and get the following error:
WrapperManager Error: Unexpected exception opening backend socket: java.net.SocketException: Can't connect to SOCKS proxy:Invalid argument or cannot assign requested address
Hopefully someone can assist.
Thank you.
Perhaps typo in the
-DsocksProxyHost:hostname
Should be = rather than :.
The port is unnecessary, 1080 is the default. Documentation is here, see section 2.4 for SOCKS
http://docs.oracle.com/javase/8/docs/technotes/guides/net/proxies.html
Firefox v39 will no longer connect to my web application over HTTPS. I'm using Spring Boot with embedded Tomcat and I've made sure I'm using the latest version of Boot (v1.2.5). Firefox shows the following error message:
Secure Connection Failed
An error occurred during a connection to [website]. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
I understand this is to protect against a known vulnerability called Logjam. A solution for Tomcat is provided at weakdh.org.
Spring Boot passes SSL configuration to Tomcat via application.properties and as such I have added server.ssl.ciphers to my application.properties as follows:
server.port=443
server.ssl.key-store=/home/ec2-user/boot.p12
server.ssl.key-store-password=...
server.ssl.keyStoreType=PKCS12
server.ssl.keyAlias=...
server.ssl.ciphers=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_SHA256,TLS_ECDHE_RSA_WITH_AES_128_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_SHA,TLS_ECDHE_RSA_WITH_AES_256_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_SHA384,TLS_ECDHE_RSA_WITH_AES_256_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_128_SHA,TLS_DHE_DSS_WITH_AES_128_SHA256,TLS_DHE_RSA_WITH_AES_256_SHA256,TLS_DHE_DSS_WITH_AES_256_SHA,TLS_DHE_RSA_WITH_AES_256_SHA
After restarting boot, I notice the following in my log file:
WARN 2674 [main] --- o.a.t.util.net.jsse.JSSESocketFactory : None of the ciphers specified are supported by the SSL engine : TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, ...
Additionally, connecting using Firefox fails with the following message:
Secure Connection Failed
The connection to [website] was interrupted while the page was loading.
And I see the following in my log file:
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
Unfortunately I'm no encryption expert. Can anyone suggest how to fix this? Do I need to recreate my HTTPS certificate?
The solution was to upgrade server Java on the server from 1.7 to 1.8.
sudo yum remove java-1.7.0-openjdk
sudo yum install java-1.8.0
After this was complete, no other configuration was necessary. Not even modyfing Tomcat as per the advice at weakdh.org.