Apologies if this isn't the right place to post this question but I have a Jenkins container running on an ec2. Both listen on 8080. I have an NLB that listens on 443. When I log into to my https://jenkins.xyz.com, it redirects to http://jenkins.xyz.com. I get an error as nothing is listening on 80. If I manually change http to https after logging in, I'm in and just it works fine, although I get "reverse proxy is broken" error in Configure Jenkins. Tried a different container but still the same issue. Any help will be greatly appreciated.
Was able to solve my issue following the instructions in this article:
http://code.haleby.se/2016/01/22/enable-ssl-in-jenkins-in-docker/
Just had to give the jenkins user (UID) permissions to the directory containing the cert on the host (which I didn't see in the article but might be mentioned).
Related
I have an express js client app and an express server app with almost the same istio configuration. Client cannot be accessed through its host URL while the server is working well. Curl client host URL just gives me infinite waiting. And I cannot find any related traffic log in the istio-proxy of client pod. This is very confusing. What could be the possible reason for this problem?
istioctl analyse on live cluster dose not give any helpful information
I need to host my Django application using gunicorn on Cloudfoundry on port 443, HTTPS.
I am getting error:
InsecureRequestWarning: Unverified HTTPS request is being made. Adding
certificate verification is strongly advised.
Which is resulting into Internal server error.
How should I add add SSL.
What are server.cert and server.key files? How to add them.
I am getting error:
InsecureRequestWarning: Unverified HTTPS request is being made. Adding certificate verification is strongly advised.
I don't believe this is related. See this SO post for more details on the error.
Suppress InsecureRequestWarning: Unverified HTTPS request is being made in Python2.6
As far as handling HTTPS for your app on Cloud Foundry, good news, there's nothing you need to do. Cloud Foundry will handle TLS termination for incoming requests to your apps. That's it.
If you're curious about the details, there are a lot of them at the following link. The details do depend on how your platform operator has set up TLS termination, so you could also talk with them if you have questions.
https://docs.cloudfoundry.org/adminguide/securing-traffic.html
Hope that helps!
Jenkins does not save any configuration when I make changes and click on "Save". I loaded the page on Firefox with Firebug, and I see that my postBacks are being aborted. I tried it on Chrome, and I get a "No data received". What am I doing wrong?
I installed Jenkins on an EC2 instance, and configured it to listen on port 8888. I opened the port on the EC2 console, as well as in iptables.
I then installed Apache2 and used it to provide a Proxy on port 9001, and opened that port as well, both in the EC2 inbound rules and in iptables. (When the setup starts to work, I'll close one of these ports.)
Jenkins is accessible through both ports.
Edit: I've also tried disabling iptables, the problem persists.
Edit: I've realized that the problem is with accessing Jenkins from outside. I logged in via SSH and accessed the site using elinks, and everything worked fine. However, elinks, being a text-browser, is a pain to use, and not all of the site is really usable this way.
After trying for several hours, I decided to try doing this on a different internet provider. Voila, things started working. I assume this is a problem with my Internet Service Provider, as this works perfectly on my work network.
I keep getting Connection Failed when trying to request data from a page that is on an https:// domain. I did install the ssl cert using the built-in section of the railo admin at https://[mydomain]/railo-context/admin/server.cfm?action=services.certificates however I still get Connection Failed. How should I go forward with debugging this? I have confirmed that this server in particular does have access to the domain I am trying to request from.
You probably need some additional certs installed as Jason has said. Take a close look at the cert and it's chain. Go to the cert issuers site and look for some documentation.
To troubleshoot you can add some logging to your jvm args. I think it's something like:
-Djavax.net.debug=all
The results are either in the OUT log or the server.log. This post on SSL 3.0 has some debugging tips. It's possible that your cert needs to handshake at a lower security level than CF allows (SSL 2.0 instead of 3.0/TLS for instance) and that could cause this behavior - but it's more likely that you simply need an intermediate cert installed.
The problem ended up being the permissions weren't setup properly on the machine. After we had the server administrator fix our permissions to access the Railo-Tomcat Service Control, the requests started working. I'm assuming he fixed some other permissions while he was in there.
CFHTTP on my new CF 9 server is failing. I get back "408 Request Time-out" when attempting to connect to the test page on the server via its internal or external IP. I am not using SSL and using the standard port 80.
My old CF 9 server can connect to itself fine but it also fails if attempting to connect to the new server.
If I RDP into the server, I am able to pull up the same test page via a web browser or via telnet to that ip port 80.
I suspect that this is a firewall issue. I'd like to know how CF makes an HTTP request under the hood before I talk to the hosting team. What service is making the call? What port is it running under, etc.
You don't say what operating system you are running under, but if it is Windows, I'd take a look at the Windows Firewall settings on your new machine, and disable the firewall. That will allow you to check if indeed it is the Firewall in the way.
If that works you can then try and add a firewall exception for the application, i.e. JRun.
Hope that helps.