Configure Glassfish v3 with pac file? - proxy

I have a web service client deployed on Glassfish v3. It needs to access a server that requires proxy access. I have a PAC file (proxy auto config), but I don't know if/how I can use this to configure my Glassfish instance so that my client can access the service. If it's not doable, is there another way to set up access to a proxied server?
Thanks!

I have not found any info on setting up proxy access with a PAC file, however you could set a hostname and port for a proxy server both for HTTP and HTTPS via JVM settings, see question here.
You could set up a proxy on your localhost, which could handle a PAC file or mask proxy authentication. I use Authoxy for this for my local server on Mac OS X, no doubt there are similar programs for other OSes. Then set up your Glassfish to connect via the proxy on your localhost.

In the end, I did not need to configure Glassfish with the pac file. :)

Related

Spring App on GCP - Cloud Run - HTTPS only - This combination of host and port requires TLS

My Spring app uses Let's Encrypt and is HTTPS only. I did not include the HTTP-to-HTTPS thing, as it worked for me in Postman with the https:// format.
When I deployed to Cloud Run, and mentioned the custom port (the port specified in spring)
and tested using URL from dashboard
https://..blah..run.app
I am getting error/message
Bad Request
This combination of host and port requires TLS.
What configuration is required on Cloud Run to resolve this?
The URL as I see on the service details page has https://...
EDIT:
If Cloud Run does not need me to take care of SSL, I can remove the application properties entries
server.ssl.key-store-type=PKCS12
server.ssl.key-store=classpath:key/keystore.p12
server.ssl.key-store-password=${lets.secret}
server.ssl.key-alias=someCertAlias
server.ssl.enabled=true
So can I get an answer on whether to remove SSL from Spring?
If Cloud Run always uses HTTP, all my calls use redirectConnector, which seems pointless.
The Cloud Run Service listens on HTTP and HTTPS. Your application running in the container must listen on a port configured with HTTP only.
FYI: For a public-facing web server, you should almost always enable HTTP. Otherwise, when a user enters www.example.com in the browser, the user will receive a connect error. This is not always the case, for example .dev gTLDs, but is good practice. When a user connects to Cloud Run with the HTTP protocol, Cloud Run will redirect the user to HTTPS and connect to your application using the HTTP protocol.

External IP + SSL

How can I use the external IP of my CentOS 7 instance with HTTPS, for example https://external_ip, to open an application like https://external_ip:Port/my_application?
Generate a self-signed certificate using openssl.
Check this out here:
https://stackoverflow.com/a/10176685/9662626
Open an HTTPS port on your web server. Set the certificate in the config (I can't be specific here because I don't know about your operating system and your choice of web server). Finally, set up a reverse proxy to proxy the web server port to your app port.

Mule on Amazon Cloud

I installed Mule Community Server on the AWS cloud and it is functioning properly. When I use an HTTP endpoint and invoke Mule services from a browser on my Amazon EC2 machine, they work. When I access them from outside, the requests time out. The endpoints are not bound to localhost but mapped to 0.0.0.0:8081. I have checked all firewall settings using the Amazon security group and set permission for all. Yet it doesn't work. I am able to access the Windows IIS HTTP server on the same machine but not Mule on port 8081. Any clues would help.
Hope this doesn't sound rude, but did you disable the Windows firewall, or allow 8081 through the Windows firewall?

polygraph for https via proxy server

Can anyone help me set up Web Polygraph for testing HTTPS servers via proxy servers in the middle?
linux machine:192.168.21.7
proxy server :192.168.21.9
https server : 192.168.21.11
This link contains the needed information:
http://www.web-polygraph.org/docs/userman/simple.html
Basically, Polygraph has a couple of files which are bundled with it and used for testing.
The manual I gave you gives an example that uses polysrv, but on different distributions you will probably have different names for the tool (on Ubuntu it's polygraph-server and polygraph-client).
You need to set the listening service IP+port and the outgoing "robot" IP, and then start it using the command line.
For HTTPS setup we will configure our pg file on server and client with the SslWrap module.
Details of the same can be found at http://www.web-polygraph.org/docs/reference/models/ssl.html

Apache forward proxy that handles https

I followed the example in the following SO question to successfully set up an Apache forwarding proxy: Setting up an Apache Proxy with Authentication
It works well, except that when accessing sites via https, it says it cannot find the site. For example, Chrome gives
Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error.
And on the server, I do not even see something in the access logs. For my proxy settings, I have configured the same for http and https (i.e. port 80 on my proxy server).
Do you perhaps have an example of how to set up a forward proxy with Apache for https?
It seems the only thing I was missing is that I had not enabled mod_proxy_connect which was achieved with
sudo a2enmod proxy_connect
To quote the mod_proxy_connect documentation page:
This module requires the service of mod_proxy. It provides support for
the CONNECT HTTP method. This method is mainly used to tunnel SSL
requests through proxy servers.
Are you attempting to terminate the SSL or just trying to create a forward proxy without handling any SSL certs? The issue that you are having is because during HTTPS proxying, the browser attempts to create an HTTP tunnel and it seems that your server is not correctly configured to handle tunneling. You can see another example here: Implementing a Simple HTTPS Proxy Application.
Here is another helpful thread on proxying HTTPS traffic with HTTP tunneling: Tunnel over HTTPS.
If you can choose something else other than Apache, I would suggest you use a robust forward proxy such as Squid or TrafficServer that are built to handle this type of setup.
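The CONNECT exchange discussed in the answers above, as an added example that is not part of the original posts: a probe sends the request a browser sends to a forward proxy for an https:// URL and classifies the reply. The `stub_proxy` helper, the 405 refusal and the `example.com:443` target are constructed stand-ins so the script runs offline; the exact status a real proxy without CONNECT support returns may differ.

```python
import socket
import threading


def stub_proxy(supports_connect):
    """Constructed one-shot stand-in for a forward proxy; returns (port, thread)."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        with conn, srv:
            request = conn.recv(4096).decode("latin-1")
            method = request.split(" ", 1)[0]
            if method == "CONNECT" and supports_connect:
                # Tunnel accepted: from here a real proxy only relays bytes.
                conn.sendall(b"HTTP/1.1 200 Connection Established\r\n\r\n")
            else:
                # Constructed refusal for a proxy that does not handle CONNECT.
                conn.sendall(b"HTTP/1.1 405 Method Not Allowed\r\n"
                             b"Content-Length: 0\r\n\r\n")

    thread = threading.Thread(target=serve, daemon=True)
    thread.start()
    return port, thread


def probe_connect(proxy_host, proxy_port, target="example.com:443", timeout=5):
    """Send a CONNECT for `target` through the proxy; return (status, verdict)."""
    with socket.create_connection((proxy_host, proxy_port), timeout=timeout) as s:
        s.sendall(f"CONNECT {target} HTTP/1.1\r\nHost: {target}\r\n\r\n".encode())
        reply = b""
        while b"\r\n\r\n" not in reply:
            chunk = s.recv(4096)
            if not chunk:  # proxy closed the connection before finishing headers
                break
            reply += chunk
    parts = reply.split(b"\r\n", 1)[0].decode("latin-1").split(" ", 2)
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    # Any 2xx means the tunnel is open and the TLS handshake can start.
    verdict = "tunnel established" if 200 <= status < 300 else "tunnel refused"
    return status, verdict


if __name__ == "__main__":
    for enabled in (False, True):
        port, _ = stub_proxy(supports_connect=enabled)
        print(f"CONNECT support={enabled}:", probe_connect("127.0.0.1", port))
```

A non-2xx reply to CONNECT is what the browser surfaces as a tunnel connection failure, since no TLS handshake with the origin server ever begins.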
